Overview

overview

10

Static

static

1ac54e8c38...a3.rtf

windows7-x64

10

1ac54e8c38...a3.rtf

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1ac54e8c38c07efa41efdb8db3b520ee2fc76b1659bb48b1f66a996f6c59dda3

  • Size

    8KB

  • Sample

    220725-eer34sdgcl

  • MD5

    03dd9f3019550169a008b940b684fdea

  • SHA1

    93d8444b6e2ca5dba1236e13f06089aea262669c

  • SHA256

    1ac54e8c38c07efa41efdb8db3b520ee2fc76b1659bb48b1f66a996f6c59dda3

  • SHA512

    a6370c278b28656a3120a25139ccc212ef67e0c55ddc3bc794cce426ba5e1705edade808d029e0ef4fc3fbb80431c96b3a1a58b453b61ebd33c38a9664328aef

Score
10/10
suricata

Malware Config

Targets

    • Target

      1ac54e8c38c07efa41efdb8db3b520ee2fc76b1659bb48b1f66a996f6c59dda3

    • Size

      8KB

    • MD5

      03dd9f3019550169a008b940b684fdea

    • SHA1

      93d8444b6e2ca5dba1236e13f06089aea262669c

    • SHA256

      1ac54e8c38c07efa41efdb8db3b520ee2fc76b1659bb48b1f66a996f6c59dda3

    • SHA512

      a6370c278b28656a3120a25139ccc212ef67e0c55ddc3bc794cce426ba5e1705edade808d029e0ef4fc3fbb80431c96b3a1a58b453b61ebd33c38a9664328aef

    Score
    10/10
    suricata

    • suricata: ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious

      suricata: ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious

      suricata

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Exploitation for Client Execution

1
T1203

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks