7552c96fe26d72990ed41266e7d9f152f0be0ae10f6e335c50f0cf9ad81b954c | Triage

Submit
Reports

Overview

overview

Static

static

8

aecsksrk.doc

windows7_x64

aecsksrk.doc

windows10-2004_x64

Sharing

General

Target

aecsksrk
Size

177KB
Sample

220522-fyvtsafec2
MD5

db1b0c04263c42047d6b74b1e81f3b6a
SHA1

d57b86969daaa860110f38ea40cf989d8c0773ac
SHA256

7552c96fe26d72990ed41266e7d9f152f0be0ae10f6e335c50f0cf9ad81b954c
SHA512

a85037f12b91166bc6d9a4875e823116715f9c809a4edb6f62acf105e36dccc1645ffacb79800f7f8c0a82b04c57e1649915e52c6e1af49fbedbc4b37065eed6

Score

10^/10

macro

Static task

static1

Behavioral task

behavioral1

Sample

aecsksrk.doc

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

aecsksrk.doc

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://laurenebohn.com/briefed/2khzb_xw_qk86xalnhw/

exe.dropper

http://xristiana.com/cgi-bin/y_j_ue/

exe.dropper

http://berbercommunicatie.nl/cgi-bin/tge_1h4_hvgq/

exe.dropper

http://laarberg.com/cgi-bin/6s49_wr27h_24k0nel/

exe.dropper

http://atelierbrasilia.com/site/xt_8d_o1mo/

Targets

- Target
  
  aecsksrk
- Size
  
  177KB
- MD5
  
  db1b0c04263c42047d6b74b1e81f3b6a
- SHA1
  
  d57b86969daaa860110f38ea40cf989d8c0773ac
- SHA256
  
  7552c96fe26d72990ed41266e7d9f152f0be0ae10f6e335c50f0cf9ad81b954c
- SHA512
  
  a85037f12b91166bc6d9a4875e823116715f9c809a4edb6f62acf105e36dccc1645ffacb79800f7f8c0a82b04c57e1649915e52c6e1af49fbedbc4b37065eed6
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy