Overview

overview

8

Static

static

5EC2C06B84...26.rtf

windows7-x64

8

5EC2C06B84...26.rtf

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5EC2C06B84AEE30E25C73B8F176C3C7DD8739611A295BE9312A29EA01DFBA226

  • Size

    24KB

  • Sample

    221123-r12kwsaa79

  • MD5

    1062fe7dd9eed3635639ed759a027b0b

  • SHA1

    68f7d2def96f8e4a2d3a59158fac28ef5ad5ab36

  • SHA256

    5ec2c06b84aee30e25c73b8f176c3c7dd8739611a295be9312a29ea01dfba226

  • SHA512

    2bba58f669bf9748a30073d4eb2dfe36eb842bddee96d4d70b28ae8a7980a106dc4fe7063f361bae3efe8ad2c1ce7dfde92e3d4112b2f038b2b97598de3a7c50

  • SSDEEP

    384:bQMmdOFNYY0aaaIswqPeOrka1+fHQJ+t3rQkRhZW15fg8UC0SXXYkpA0u4++:BFx0XaIsnPRIa4fwJMo15N0QYkpA14v

Score
8/10

Malware Config

Targets

    • Target

      5EC2C06B84AEE30E25C73B8F176C3C7DD8739611A295BE9312A29EA01DFBA226

    • Size

      24KB

    • MD5

      1062fe7dd9eed3635639ed759a027b0b

    • SHA1

      68f7d2def96f8e4a2d3a59158fac28ef5ad5ab36

    • SHA256

      5ec2c06b84aee30e25c73b8f176c3c7dd8739611a295be9312a29ea01dfba226

    • SHA512

      2bba58f669bf9748a30073d4eb2dfe36eb842bddee96d4d70b28ae8a7980a106dc4fe7063f361bae3efe8ad2c1ce7dfde92e3d4112b2f038b2b97598de3a7c50

    • SSDEEP

      384:bQMmdOFNYY0aaaIswqPeOrka1+fHQJ+t3rQkRhZW15fg8UC0SXXYkpA0u4++:BFx0XaIsnPRIa4fwJMo15N0QYkpA14v

    Score
    8/10

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Exploitation for Client Execution

1
T1203

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks