0e1891c3dde71482b12b39b582203b5007d24835f932be81d8c89750f5a74790 | Triage

Sharing

General

Target

0e1891c3dde71482b12b39b582203b5007d24835f932be81d8c89750f5a74790
Size

3.6MB
Sample

220529-sn66aahghp
MD5

04c667d0eb3977431e4b815f47178cbf
SHA1

acd51c61936837b4fc97bcb2a9ae1be55788baa8
SHA256

0e1891c3dde71482b12b39b582203b5007d24835f932be81d8c89750f5a74790
SHA512

ad781a303f91bc44dc4d742e34d7ae18cf4ef82e41aa0926dbd61fbd88489547aeddf4d19b11a031f23712dcf5a08635a6d8d7380fdd24c99bae26b65b1d0931

Score

1^/10

Malware Config

Targets

- Target
  
  Excel/PO/Invoice.xlsx
- Size
  
  23KB
- MD5
  
  06c72045e38a67aed7f4ab2e1421f85e
- SHA1
  
  81bac97cec964c06907ea814ce798a3787c897b1
- SHA256
  
  bc60d7c7e95e4ad47d189b8ac2b537ab35ac4cee605d1e7af8c4a9565b9d4c78
- SHA512
  
  a74ccc737f228d8bc56026ba2ffc44e06a060c88adffbe58ab026b0088dce2dc91d7c1de38d303a53b286e36e3f6d43b3808b015defa685410c17a4ee5a81d70
Score

1^/10
behavioral1 behavioral2
- Target
  
  Excel/PO/ga.js
- Size
  
  42KB
- MD5
  
  7d5a4c301dcb0ddde72ee50c8230f73d
- SHA1
  
  bb662d409368c5a6793a0104d537848927a040c4
- SHA256
  
  4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5
- SHA512
  
  17bf34432274da9ba0d32cb8a12db88274f3ec0c9b7fea52080e8526b016c6db36e01bf6848e7cd8be363a59810b1ec99abd0b0b3fdeef586b4fd3be2ab7213a
Score

1^/10
behavioral3 behavioral4
- Target
  
  Excel/PO/geoplugin.class.php
- Size
  
  4KB
- MD5
  
  1e63694db090c37403b39236526ce9dd
- SHA1
  
  bb9538c3278e345cdd258da1e747980c69c83636
- SHA256
  
  c780c4199027c837458e3af076a3ab2216aa2df799c8642915b971ac823d1fbe
- SHA512
  
  d648c48f38d02c4d54413c1c0bb41c82611e3b6d09527cf515c7f601c8bd5acce1075623496c60a0dffb4018513e1a4060313709c49ac65a427ae841888e4022
Score

1^/10
behavioral5 behavioral6
- Target
  
  Excel/PO/jquery.js
- Size
  
  94KB
- MD5
  
  8fc25e27d42774aeae6edbc0a18b72aa
- SHA1
  
  b66ed708717bf0b4a005a4d0113af8843ef3b8ff
- SHA256
  
  b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
- SHA512
  
  87d90a665c15d71ac872bd8bc003d9863964c7ec7ada6370b902b93c0bbd7770fe25730d946c7c6a465baa95efa74bc0e78af3f83aea615af35060cc8702a6c1
Score

1^/10
behavioral7 behavioral8
- Target
  
  Excel/PO/jquery_popup.js
- Size
  
  1KB
- MD5
  
  ab682fa8b1e5257c5eb0cba1bdeb2b16
- SHA1
  
  16211bb1a587b4030cacea5c9a7e688fcd8b156e
- SHA256
  
  cc9fcc5704f38ab13ae1e696fd45ace331092435101ab4a0f186aabca19bd230
- SHA512
  
  d24660809389dfbbeb244ce9a183d46c32a6b8e0a0921480d07ad317141576f8d4e9e74e438fd47dbcc988fb4b69d72f8d5d4cd3bfa88124c97f52c877dd5ca7
Score

1^/10
behavioral9 behavioral10
- Target
  
  Excel/PO/login.php
- Size
  
  5KB
- MD5
  
  32ab6c17a7d0e8b9e1232138dde02fef
- SHA1
  
  b81a5dad94b6f6e222b5878a6ecdb5d52177ed15
- SHA256
  
  b1f2653f39260a9b07d4f62ec797b0ab4f6c27f8f1a4d81b3540a474d0081546
- SHA512
  
  d7d02c64322d82c2a94ba4712bcf9f7b56bcb3fbe387f8c67a516a761bd2cab5cad80ed80ce4099998f52f2fc3f4e16238ace69a17b2a5cb1d9af685e5d63c6c
Score

1^/10
behavioral11 behavioral12
- Target
  
  Excel/PO/page.php
- Size
  
  18KB
- MD5
  
  c8f0d04962678fc2e670057425cc10d6
- SHA1
  
  44cfca4879bc30b909929291600345c4fe0830c1
- SHA256
  
  8c61b6497032f3cec5c70abfdc073852e2ca8df05e888a2c05c67be621617162
- SHA512
  
  2973b38f624616170c2bf377eb42d0e1d1b80225f8826a6570f67765664d8fc20111c43ba41616e8b1c59559e4bf4589e5dac7c6ef38ebaa03661d982b44d752
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14