General

  • Target

    27-07-2021.7z

  • Size

    4.3MB

  • MD5

    40bd404957785859d7dc75f986b0e9b5

  • SHA1

    c23abb937f8f509d8e80d366ec2580206a590c64

  • SHA256

    a544b4050677d9e5ad964398954cf7d74c96b65a1126a8bb3491fbe52ff0ec10

  • SHA512

    fd553802e9a27dd8e07b18af8d4d3511fe9e41dae54d01c8211a57742c3308e133735a289f9242688df8fc27fbf8ccd1cfbe33e36469f1c651972cd95e9ac50b

Malware Config

Signatures

  • Office macro that triggers on suspicious action (1 IoC)

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro (2 IoCs)

    Office document equipped with 4.0 macros.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

  • Office document contains embedded OLE objects (2 IoCs)

    Detected embedded OLE objects in Office documents.

Files

  • 27-07-2021.7z
    .7z
  • 27-07-2021/27-07-2021/Dike-Infocert-Upgrade.pdf
    .pdf
    • https://dike_infocert.firstcloudit.com/Infocert/Dike_Infocert_upgrade.msi

  • 27-07-2021/27-07-2021/ETL_013265_601_0758.doc
    .doc windows office2003

    ThisDocument

    Module1

  • 27-07-2021/27-07-2021/ETL_013265_601_0758.exe
    .exe windows x86


  • 27-07-2021/27-07-2021/FL_6110_32_75_21.docx
    .docx .doc office2007
  • 27-07-2021/27-07-2021/IMG_1026001780541.docx
    .docx .doc office2007
  • 27-07-2021/27-07-2021/Inv_7623980.exe
    .exe windows x86


  • 27-07-2021/27-07-2021/New PO.exe
    .exe windows x86


  • 27-07-2021/27-07-2021/ORDER LIST.exe
    .exe windows x86


  • 27-07-2021/27-07-2021/Payment Details.bat
    .zip
  • 27-07-2021/27-07-2021/REQUEST FOR QUOTATION.exe
    .exe windows x86


  • 27-07-2021/27-07-2021/Remittance Copy 22-07-21.pdf
    .pdf
    • https://goofy-davinci-6ad239.netlify.app/

  • 27-07-2021/27-07-2021/SWIFT COPY.exe
    .exe windows x86


  • 27-07-2021/27-07-2021/WE09858577444.BAT
    .exe windows x86


  • 27-07-2021/27-07-2021/inquiry.exe
    .exe windows x86