Overview

overview

10

Static

static

8

emotet_doc2

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    683573224327e8cecc5d38f690c4598f52ece7bd878b05e7f279111680604d5b

  • Size

    227KB

  • Sample

    201029-s4fgnbfnsa

  • MD5

    9302cda391554ab9cd2a2012057bbd93

  • SHA1

    73a9ace74211841912ee09399de898b221e47bf3

  • SHA256

    683573224327e8cecc5d38f690c4598f52ece7bd878b05e7f279111680604d5b

  • SHA512

    3496a3261ddccd2ebc8c6b4c4451a9adcac348d38112a1fda76ec1c6886ecc0ab92eefbb8db78be5a03463de4b596182adeeaa21e62a0f82348df5e90df8057a

Score
10/10
macro

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://enjoymylifecheryl.com/wp-includes/FPNxoUiCz3/
exe.dropper

https://homewatchamelia.com/wp-admin/qmK/
exe.dropper

https://seramporemunicipality.org/replacement-vin/Ql4R/
exe.dropper

https://imperfectdream.com/wp-content/xb2csjPW6/
exe.dropper

https://mayxaycafe.net/wp-includes/UxdWFzYQj/
exe.dropper

https://420extracts.ca/cgi-bin/Ecv/
exe.dropper

https://casinopalacett.com/wp-admin/voZDArg/

Targets

    • Target

      683573224327e8cecc5d38f690c4598f52ece7bd878b05e7f279111680604d5b

    • Size

      227KB

    • MD5

      9302cda391554ab9cd2a2012057bbd93

    • SHA1

      73a9ace74211841912ee09399de898b221e47bf3

    • SHA256

      683573224327e8cecc5d38f690c4598f52ece7bd878b05e7f279111680604d5b

    • SHA512

      3496a3261ddccd2ebc8c6b4c4451a9adcac348d38112a1fda76ec1c6886ecc0ab92eefbb8db78be5a03463de4b596182adeeaa21e62a0f82348df5e90df8057a

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blacklisted process makes network request

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks