General
-
Target
CMA-CGM BOOKING CONFIRMATION.xlsx.zip
-
Size
1.1MB
-
Sample
210719-av5ky37w52
-
MD5
b31de197ec76fa127e183194985cd7b3
-
SHA1
5084279ad3e8bd642f73ea4dc1eed7964dcfc66d
-
SHA256
fe804532096933a2b2c7974144dd66cdce7f096eed55e294b0ecfefd4523dc1b
-
SHA512
b058c62ad125939819840c23718fc88a5b31b327b7247b0e43e5626b4299a6cf427c4bd674d43324f25d97f62617697918a680711e28d3289d5749f0436caee6
Score
10/10
Malware Config
Targets
-
-
Target
CMA-CGM BOOKING CONFIRMATION.xlsx
-
Size
1.2MB
-
MD5
1a23b8c8e5fa52a917c92207a8316b55
-
SHA1
7b481fe511b2132d2d2dc7cad79aa5ebda0d3388
-
SHA256
9584a27702d6f6fdecc4589a5c87b529ef2c41ca556ddf9325999a4bdb58fcc3
-
SHA512
25b6303a6aa2996b82c0f6572d74e9b6bf39a617179f5c2a984643e953a7dcd56662e590fca95ae7b23e0cdf8873c86f5cc6d4417a3a5e5f071c0db5d8c10f86
Score10/10-
Guloader,Cloudeye
A shellcode based downloader first seen in 2020.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-