General

  • Target

    E2-1852-09-24-20._doc

  • Size

    176KB

  • Sample

    200924-wv5t5r2dks

  • MD5

    da21775d45914ddecbd2f77af772dcc3

  • SHA1

    dd2c251d6308f59efe8ba6a6958fc5dc7724d562

  • SHA256

    c9146f3df123d9de78071e1a644daadfeaa96fa95b9082c03e14278e89a812dd

  • SHA512

    8dc99ad43fb2a2a3035bc88c4b36022ba7bc26aca07a703d31b4847089aec24fcba77a6b61108d45a29f2e91e1f2aa19dca096cbd9ab6e60b0face864486705f

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs

Targets

    • Target

      E2-1852-09-24-20._doc

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks