5823cb05aaaf03a93a7d4a03c4207163701e79bf872d716525d8e8d2c15acc2b | Triage

Submit
Reports

Overview

overview

Static

static

008.xlsx

windows7_x64

008.xlsx

windows10_x64

1

Sharing

General

Target

008.xlsx
Size

369KB
Sample

211029-jzeqqshfdk
MD5

c9d8f6b863cf269cc0d1ac8ac810b0b0
SHA1

4ef9b0fb96dc429586c8e2e29be2ead7a6a3434f
SHA256

5823cb05aaaf03a93a7d4a03c4207163701e79bf872d716525d8e8d2c15acc2b
SHA512

8b019b0044bd5a58eb1fccb97230f1e4c65d3a164b6a0bfce3543bd882334562a3163b5123cbde963772e0b1e68d58ac23baf2eb19a4ef0e6c7dd2dd9d742ae1

Score

10^/10

suricata

Static task

static1

Behavioral task

behavioral1

Sample

008.xlsx

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

008.xlsx

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  008.xlsx
- Size
  
  369KB
- MD5
  
  c9d8f6b863cf269cc0d1ac8ac810b0b0
- SHA1
  
  4ef9b0fb96dc429586c8e2e29be2ead7a6a3434f
- SHA256
  
  5823cb05aaaf03a93a7d4a03c4207163701e79bf872d716525d8e8d2c15acc2b
- SHA512
  
  8b019b0044bd5a58eb1fccb97230f1e4c65d3a164b6a0bfce3543bd882334562a3163b5123cbde963772e0b1e68d58ac23baf2eb19a4ef0e6c7dd2dd9d742ae1
Score

10^/10

suricata
- suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
  suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
  suricata
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Scripting

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy