Resubmissions

28-02-2021 17:05

210228-pjgnbjwth2 8

27-02-2021 12:13

210227-bpkha5za7s 8

27-02-2021 04:19

210227-7c1xkzg346 10

27-02-2021 03:32

210227-2xwvzgykxs 8

27-02-2021 03:29

210227-qgrlcph782 8

27-02-2021 03:16

210227-k82qfdjlve 8

27-02-2021 02:45

210227-mjxh7bv4wj 8

27-02-2021 02:23

210227-w6qfkjy5ha 8

27-02-2021 02:06

210227-r385kvgs32 8

26-02-2021 23:10

210226-yds8gthfax 8

General

  • Target

    Doc_3744.xls

  • Size

    62KB

  • Sample

    210227-r385kvgs32

  • MD5

    47e22049644647ee854cedfe077156e7

  • SHA1

    20ad9f47616a8272dece2ec1039a88c09412c97c

  • SHA256

    5f2adacaf4ecb00ed24dd9dfe355307d0d6e786e40c945ad4c6d1ae3a4835d2a

  • SHA512

    1eeb87173378f4d0e157ee42f5b28e48ff84a35b44d71f004a6180cc2bdbc09e45c071adc7ab0a94c75071fbe3ee13b939ee8cb216b6f2e06c9c24ca34dbbf1b

Score
8/10

Malware Config

Targets

    • Target

      Doc_3744.xls

    • Size

      62KB

    • MD5

      47e22049644647ee854cedfe077156e7

    • SHA1

      20ad9f47616a8272dece2ec1039a88c09412c97c

    • SHA256

      5f2adacaf4ecb00ed24dd9dfe355307d0d6e786e40c945ad4c6d1ae3a4835d2a

    • SHA512

      1eeb87173378f4d0e157ee42f5b28e48ff84a35b44d71f004a6180cc2bdbc09e45c071adc7ab0a94c75071fbe3ee13b939ee8cb216b6f2e06c9c24ca34dbbf1b

    Score
    8/10
    • Modifies RDP port number used by Windows

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v6

Tasks