General
-
Target
info_cl.7572.xls
-
Size
31KB
-
Sample
210120-htj4aexvbe
-
MD5
70e243c4f55f410fcd73d22708409176
-
SHA1
6a6c46cf50615e58a8fe8ef78231752a1323754b
-
SHA256
0be53050492d8c9cecc16b522054270f6c9a965a2f2f63704492e1836e285ddb
-
SHA512
0fd6ed9065b369f35886e464f78dbfcf00c7c8b63116e7e6a70802a209e11a4492160907474001f837485af1781369cd4ff8dcf2665740488a8fd58c96f16b92
Behavioral task
behavioral1
Sample
info_cl.7572.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
info_cl.7572.xls
Resource
win10v20201028
Malware Config
Extracted
https://ezucycam.com/k.php
Targets
Target
info_cl.7572.xls
Score
10/10
-
JavaScript code in executable
-
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-