Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cf80a7cf643348e140e6b9b668036f7ff7b938926b354ba7ed9e05cf603eefab.doc

  • Size

    153KB

  • Sample

    200127-m9w6lc4z1e

  • MD5

    b7052241a8943c6affad942fb9e050ad

  • SHA1

    63fe54e6bced3669413983bb79cd03ea73153913

  • SHA256

    cf80a7cf643348e140e6b9b668036f7ff7b938926b354ba7ed9e05cf603eefab

  • SHA512

    356a86fc151b68ca2e9b981532fb53c3551f5b2a1b7841d28e1c4845cf39b83e5108b27a91deb2b531b688de0352aa378b8f9625709ba9af24ae6cf173311a99

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://fietsenmetkinderen.info/App_Data/ASHFouI/
exe.dropper

https://rokonworld.xyz/cgi-bin/bf99ypv-nka70qs-62/
exe.dropper

http://www.meubelontwerpstudioheyne.nl/languages/ndZNarqnj/
exe.dropper

http://bursary.engsoc.queensu.ca/wp-admin/48ech-ddpjkzp-29821620/
exe.dropper

http://lapmangfpt.haiphong.vn/wp-admin/k50i2cm5qi-9wnfau-7879373385/

Targets

    • Target

      cf80a7cf643348e140e6b9b668036f7ff7b938926b354ba7ed9e05cf603eefab.doc

    • Size

      153KB

    • MD5

      b7052241a8943c6affad942fb9e050ad

    • SHA1

      63fe54e6bced3669413983bb79cd03ea73153913

    • SHA256

      cf80a7cf643348e140e6b9b668036f7ff7b938926b354ba7ed9e05cf603eefab

    • SHA512

      356a86fc151b68ca2e9b981532fb53c3551f5b2a1b7841d28e1c4845cf39b83e5108b27a91deb2b531b688de0352aa378b8f9625709ba9af24ae6cf173311a99

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks