General

  • Target

    8e109db3ca2895277f1c854b248d2dd8b605b3c5c0a37540754ac974b29360bd

  • Size

    54KB

  • Sample

    210114-qphpjtrk3e

  • MD5

    cc75f66962792be28064fc912b7aa766

  • SHA1

    328d81950a57f3cde2b65ca06b954a7f92016916

  • SHA256

    8e109db3ca2895277f1c854b248d2dd8b605b3c5c0a37540754ac974b29360bd

  • SHA512

    a6d0c1c91b247f44a5a145c25bc4a9bb0665bedfe75cbb683ca20d8347784377310e6460381420607703fc7cd21bc060bd143f45c6221d7b066792369ed188b1

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source

Targets

    • Target

      8e109db3ca2895277f1c854b248d2dd8b605b3c5c0a37540754ac974b29360bd

    • Size

      54KB

    • MD5

      cc75f66962792be28064fc912b7aa766

    • SHA1

      328d81950a57f3cde2b65ca06b954a7f92016916

    • SHA256

      8e109db3ca2895277f1c854b248d2dd8b605b3c5c0a37540754ac974b29360bd

    • SHA512

      a6d0c1c91b247f44a5a145c25bc4a9bb0665bedfe75cbb683ca20d8347784377310e6460381420607703fc7cd21bc060bd143f45c6221d7b066792369ed188b1

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

Modify Registry

1
T1112

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Tasks