c7e40628fb6beb52d9d73a3b3afd1dca5d2335713593b698637e1a47b42bfc71 | Triage

Submit
Reports

Overview

overview

5

Static

static

invoice_NQ_Supply.xls

windows7_x64

5

invoice_NQ_Supply.xls

windows10_x64

5

Sharing

General

Target

invoice_NQ_Supply.xls
Size

83KB
Sample

210122-fmp48gzqsx
MD5

50fecec126570e4b8fcd531d6711879a
SHA1

9166aee4a6815e4f67e0ae43344d8ca144958d47
SHA256

c7e40628fb6beb52d9d73a3b3afd1dca5d2335713593b698637e1a47b42bfc71
SHA512

5f6d88626024811fd05af98d35a2e54a87ce5c8929d56c8bc49d718417b3370af7aa9a66c46007c600c5ec608a0f91f1e952738ee35cd3aebe28b4db46a2c042

Score

5^/10

ransomware

Static task

static1

Behavioral task

behavioral1

Sample

invoice_NQ_Supply.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

invoice_NQ_Supply.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  invoice_NQ_Supply.xls
- Size
  
  83KB
- MD5
  
  50fecec126570e4b8fcd531d6711879a
- SHA1
  
  9166aee4a6815e4f67e0ae43344d8ca144958d47
- SHA256
  
  c7e40628fb6beb52d9d73a3b3afd1dca5d2335713593b698637e1a47b42bfc71
- SHA512
  
  5f6d88626024811fd05af98d35a2e54a87ce5c8929d56c8bc49d718417b3370af7aa9a66c46007c600c5ec608a0f91f1e952738ee35cd3aebe28b4db46a2c042
Score

5^/10

ransomware
- Enumerates physical storage devices
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy