General
-
Target
JUSTIFICANTE TRANSFERENCIA.xlsx
-
Size
2.0MB
-
Sample
210118-w7qjzmjd9x
-
MD5
db38643af9b77bf55db95fbeeb921452
-
SHA1
f5e2e36b20cf2f4c40dd27d8c68b0dbd09c3c505
-
SHA256
2c5e3d15af1b6984f0462ccf500e7042f2db3996a979ce228e02fdd7016b14c2
-
SHA512
0230b5154f72671944365340d212755abbbecb731db5f2e4e863f5bef06d5bcf5df43eacd3a5d4976d7ead79f1112cb1caa98e5f8fe454e06b70d45070140846
Static task
static1
Behavioral task
behavioral1
Sample
JUSTIFICANTE TRANSFERENCIA.xlsx
Resource
win7v20201028
Behavioral task
behavioral2
Sample
JUSTIFICANTE TRANSFERENCIA.xlsx
Resource
win10v20201028
Malware Config
Targets
-
-
Target
JUSTIFICANTE TRANSFERENCIA.xlsx
-
Size
2.0MB
-
MD5
db38643af9b77bf55db95fbeeb921452
-
SHA1
f5e2e36b20cf2f4c40dd27d8c68b0dbd09c3c505
-
SHA256
2c5e3d15af1b6984f0462ccf500e7042f2db3996a979ce228e02fdd7016b14c2
-
SHA512
0230b5154f72671944365340d212755abbbecb731db5f2e4e863f5bef06d5bcf5df43eacd3a5d4976d7ead79f1112cb1caa98e5f8fe454e06b70d45070140846
Score8/10-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-