Overview

overview

10

Static

static

8

payment-advice.xls

windows7_x64

10

payment-advice.xls

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    payment-advice.xls.zip

  • Size

    520KB

  • Sample

    210119-pzwk66dab2

  • MD5

    f14e56233832f99c9087f14b1c449e1d

  • SHA1

    8fb0bf4dadd6bf620e024a39c675eaea0acbf3d9

  • SHA256

    424b2089096fdc77775ea4a6107a6301e8600e6e1439ffc6b62c4024a74047fc

  • SHA512

    50675732bd6c85a1e6b047431f71c5bdd0c3ea251588327342a8fbb1a38486448d37ddbac204773af9161961c012328c62063cb735150c5fd37719e3c2689684

Score
10/10
loadermacromacro_on_action

Malware Config

Targets

    • Target

      payment-advice.xls

    • Size

      795KB

    • MD5

      576e4c38764d93e6d4397c8aa3dc669c

    • SHA1

      f6b55e0a2fb5542619a1931eeec88a3105d5b7d0

    • SHA256

      852d5a3d57834cae80089b5dccf1a4a1ccead2bbae728041a6a6b4590bf34a51

    • SHA512

      a4aeba30d6bc000c96667eb305eed17d830a4a74f8bc4f331c1bd9cec77febe5574ad2021c7b93d63a12c31a01b7046332b4aa66f8f0daa8b4a7eb5d20c7ff0e

    Score
    10/10
    loader

    • TA505 Loader

      Drops DLLs associated with loaders used by the TA505 threat group.

      loader

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks