7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d | Triage

Submit
Reports

Overview

overview

Static

static

8

7694066b23...5d.doc

windows7_x64

7694066b23...5d.doc

windows10-2004_x64

Sharing

General

Target

7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d
Size

210KB
Sample

220201-gckmcsaba6
MD5

7a0e78ce8cccb72e9c39910df15490ba
SHA1

5c26eb1856e7c814370476a900148da49d79a9e1
SHA256

7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d
SHA512

114baa574bb3302007ba407ad78e448b7ca7d3ca557c0cafd532919134988b23f81bbc94b4d308990637d65242f4a8abfb9b333f23e389f8f73dcd45144c1940

Score

10^/10

macro macro_on_action persistence

Static task

static1

macro macro_on_action

Behavioral task

behavioral1

Sample

7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d.doc

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d.doc

Resource

win10v2004-en-20220112

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://giftmaster.ml/PSf4hk96K/

exe.dropper

http://mapup.net/w2u4kwT/

exe.dropper

http://www.survivallives.com/WdnX2iVg/

exe.dropper

http://modivi.hu/nxmoQ9pDQm/

exe.dropper

http://eroscenter.co.il/v5nFBp/

Targets

- Target
  
  7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d
- Size
  
  210KB
- MD5
  
  7a0e78ce8cccb72e9c39910df15490ba
- SHA1
  
  5c26eb1856e7c814370476a900148da49d79a9e1
- SHA256
  
  7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d
- SHA512
  
  114baa574bb3302007ba407ad78e448b7ca7d3ca557c0cafd532919134988b23f81bbc94b4d308990637d65242f4a8abfb9b333f23e389f8f73dcd45144c1940
Score

10^/10

persistence
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2024

Terms | Privacy