General
Target: cb10354a6aff051fe7ae1c2cfb38b40e5ed1c8fd1a4c4b1a35724efed4885995
Size: 241KB
Sample: 201028-6dezexs41a
MD5: 270f03e3d9fef36f88e51dd5dfec47c1
SHA1: 79874b79923b7ea19a4d5caa9c8512767e9a4285
SHA256: cb10354a6aff051fe7ae1c2cfb38b40e5ed1c8fd1a4c4b1a35724efed4885995
SHA512: 53c2fac1ef4b5f70eb0a77ff0359e226fabd533e2828b97f90ab4aa1f8a35572fffb7be07efb3775abf9df7ad67539890912429b7a75b901a711264b28ef90d4
Static task: static1
Behavioral task: behavioral1
Sample: cb10354a6aff051fe7ae1c2cfb38b40e5ed1c8fd1a4c4b1a35724efed4885995.doc
Resource: win10
Malware Config
Extracted
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blacklisted process makes network request
Executes dropped EXE
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation