Price list.xlsm

General
Target

Price list.xlsm

Size

64KB

Sample

210504-vlyhzrlldj

Score
10/10
MD5

dc48640ca8488d4c4e61b807ef19d11c

SHA1

e2cfbc565e62b269a7bfbdf2b3c060e52aaa6614

SHA256

c8f3d97c54386b86778a1d20917353583bcf706ffe0615d962683d55e449bcab

SHA512

06d0b3420f784cad69e11202271b99f47c7c5eeca68de9a5e01da6ebf2c5b25414ec242dd4517eeff43fcd239ec8ded073a9317c1140ae9e3c6b620b6af741b9

Malware Config

Extracted

Language ps1
Deobfuscated
URLs
ps1.dropper

https://cenga.hr/components/search/pri.ps1

Targets
Target

Price list.xlsm

Signatures

  • AsyncRat

    Description

    AsyncRAT is designed to remotely monitor and control other computers.

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Executes dropped EXE

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

Tasks

  • static1: 8/10
  • behavioral1: 1/10
  • behavioral2: 10/10