9c2c1ec8b79146fe738554c3278c0c5aa0233b78fabc9babab89d460959901de | Triage

Submit
Reports

Overview

overview

Static

static

8

9c2c1ec8b7...de.doc

windows7_x64

9c2c1ec8b7...de.doc

windows10-2004_x64

Sharing

General

Target

9c2c1ec8b79146fe738554c3278c0c5aa0233b78fabc9babab89d460959901de
Size

196KB
Sample

220520-3gv5jsghc6
MD5

a2ce4f44ad38c51c43d8d7a6e99a16b1
SHA1

3f8bd5d0106a434e6233f9820571963991d99e04
SHA256

9c2c1ec8b79146fe738554c3278c0c5aa0233b78fabc9babab89d460959901de
SHA512

a018c0686140a80f5094f11aca41c3bf247e4f752116fd6100877ecce02d178637169fbba3967de18260ff42f4e4cc705bd4debcce70e3ff08a5d7efca6739ef

Score

10^/10

macro

Static task

static1

Behavioral task

behavioral1

Sample

9c2c1ec8b79146fe738554c3278c0c5aa0233b78fabc9babab89d460959901de.doc

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9c2c1ec8b79146fe738554c3278c0c5aa0233b78fabc9babab89d460959901de.doc

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://offisepost.info/img/Q/

exe.dropper

http://purviitech.com/111/c39b5jp/

exe.dropper

https://www.awchang.com/wp-content/uploads/2019/02/uk8h/

exe.dropper

https://www.landzoom.com/wp-admin/0Z/

exe.dropper

https://www.municipales.lejournaltoulousain.fr/wp-content/yar/

Targets

- Target
  
  9c2c1ec8b79146fe738554c3278c0c5aa0233b78fabc9babab89d460959901de
- Size
  
  196KB
- MD5
  
  a2ce4f44ad38c51c43d8d7a6e99a16b1
- SHA1
  
  3f8bd5d0106a434e6233f9820571963991d99e04
- SHA256
  
  9c2c1ec8b79146fe738554c3278c0c5aa0233b78fabc9babab89d460959901de
- SHA512
  
  a018c0686140a80f5094f11aca41c3bf247e4f752116fd6100877ecce02d178637169fbba3967de18260ff42f4e4cc705bd4debcce70e3ff08a5d7efca6739ef
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy