Overview

overview

1

Static

static

xlsx/xlsx/...st.ps1

windows7_x64

1

xlsx/xlsx/...st.ps1

windows10-2004_x64

1

xlsx/xlsx/...st.ps1

windows7_x64

1

xlsx/xlsx/...st.ps1

windows10-2004_x64

1

xlsx/xlsx/...O.xlsx

windows7_x64

1

xlsx/xlsx/...O.xlsx

windows10-2004_x64

1

xlsx/xlsx/...J.xlsx

windows7_x64

1

xlsx/xlsx/...J.xlsx

windows10-2004_x64

1

xlsx/xlsx/...ck.ps1

windows7_x64

1

xlsx/xlsx/...ck.ps1

windows10-2004_x64

1

xlsx/xlsx/.../ga.js

windows7_x64

1

xlsx/xlsx/.../ga.js

windows10-2004_x64

1

xlsx/xlsx/...ery.js

windows7_x64

1

xlsx/xlsx/...ery.js

windows10-2004_x64

1

xlsx/xlsx/...pup.js

windows7_x64

1

xlsx/xlsx/...pup.js

windows10-2004_x64

1

xlsx/xlsx/...ins.js

windows7_x64

1

xlsx/xlsx/...ins.js

windows10-2004_x64

1

xlsx/xlsx/...e.html

windows7_x64

1

xlsx/xlsx/...e.html

windows10-2004_x64

1

xlsx/xlsx/...age.js

windows7_x64

1

xlsx/xlsx/...age.js

windows10-2004_x64

1

xlsx/xlsx/...ck.ps1

windows7_x64

1

xlsx/xlsx/...ck.ps1

windows10-2004_x64

1

xlsx/xlsx/...x.html

windows7_x64

1

xlsx/xlsx/...x.html

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2a006a3dd453c03399a612c2dc11e4290636f1b39ab1187cac4981758c4a565a

  • Size

    670KB

  • Sample

    220615-h8gq1sbhap

  • MD5

    fd080c9d5d951912f38b23b5e91b46ea

  • SHA1

    1b7038016c65cfd9ac96b6bf661f503528dcca49

  • SHA256

    2a006a3dd453c03399a612c2dc11e4290636f1b39ab1187cac4981758c4a565a

  • SHA512

    f5d92b97ed8fbc1b05faf63d1154574230c5da48053bcd69e72a69b95f720571de51520787a7fff0a328bf5b974578881b984f0447d04019f2084b25bb570e6f

Score
1/10

Malware Config

Targets

    • Target

      xlsx/xlsx/xl/link/Excel/BlackList.php

    • Size

      1KB

    • MD5

      d7a8ec808175f697f74fff16c97e2b11

    • SHA1

      102742cdeecb33034b74b24851c80570dbc2aa29

    • SHA256

      ac36b1a1ca21690705c69784f249175dee7355ee535d35913e8e46b6794454af

    • SHA512

      205cd939ef9aae19c60e5378b7b50ee84d78a23e22b6450e7b4b604f182c276571568a651223267d8ec442e5e4b29ae984572b83f6fdd89956a021d29ee1ca7e

    Score
    1/10
    behavioral1behavioral2

    • Target

      xlsx/xlsx/xl/link/Excel/PO/BlackList.php

    • Size

      1KB

    • MD5

      d7a8ec808175f697f74fff16c97e2b11

    • SHA1

      102742cdeecb33034b74b24851c80570dbc2aa29

    • SHA256

      ac36b1a1ca21690705c69784f249175dee7355ee535d35913e8e46b6794454af

    • SHA512

      205cd939ef9aae19c60e5378b7b50ee84d78a23e22b6450e7b4b604f182c276571568a651223267d8ec442e5e4b29ae984572b83f6fdd89956a021d29ee1ca7e

    Score
    1/10
    behavioral3behavioral4

    • Target

      xlsx/xlsx/xl/link/Excel/PO/PO.xlsx

    • Size

      14KB

    • MD5

      612c8d70e5279dc5225929146e692607

    • SHA1

      e590b7d58ae51d5c6ce5029c52de2bb8c2e1e686

    • SHA256

      b597c6a9730f35a6f2f9aa591685d2917cc0ab17688e7070d0c800f2c9a6c822

    • SHA512

      928b1a3482ecb8be2a3b695abba27944922a217c1def047834e579f4f5e9cf5df31a07b74a61c641eabd21b3d4d36a57765a7f12f3decda84368e1efd36d5625

    Score
    1/10
    behavioral5behavioral6

    • Target

      xlsx/xlsx/xl/link/Excel/PO/POJ.xlsx

    • Size

      23KB

    • MD5

      06c72045e38a67aed7f4ab2e1421f85e

    • SHA1

      81bac97cec964c06907ea814ce798a3787c897b1

    • SHA256

      bc60d7c7e95e4ad47d189b8ac2b537ab35ac4cee605d1e7af8c4a9565b9d4c78

    • SHA512

      a74ccc737f228d8bc56026ba2ffc44e06a060c88adffbe58ab026b0088dce2dc91d7c1de38d303a53b286e36e3f6d43b3808b015defa685410c17a4ee5a81d70

    Score
    1/10
    behavioral7behavioral8

    • Target

      xlsx/xlsx/xl/link/Excel/PO/block.php

    • Size

      1KB

    • MD5

      5116adad80c341b85d93671a323a55af

    • SHA1

      59918eb53b6d37cd6052f33812fca9a05fdf883e

    • SHA256

      b7121cded6b3c0d4ce457605b757087545bbb0e9339101e86ee46530c496d170

    • SHA512

      471948ccbffbe950dc04cae1c4ce8648cdc5321568ee4102426fc086a20452294dd3fd3c56e79c384ffe20d40962da2b1a12f6f2e5ffc1929ae9803362b3fa8f

    Score
    1/10
    behavioral9behavioral10

    • Target

      xlsx/xlsx/xl/link/Excel/PO/ga.js

    • Size

      42KB

    • MD5

      7d5a4c301dcb0ddde72ee50c8230f73d

    • SHA1

      bb662d409368c5a6793a0104d537848927a040c4

    • SHA256

      4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5

    • SHA512

      17bf34432274da9ba0d32cb8a12db88274f3ec0c9b7fea52080e8526b016c6db36e01bf6848e7cd8be363a59810b1ec99abd0b0b3fdeef586b4fd3be2ab7213a

    Score
    1/10
    behavioral11behavioral12

    • Target

      xlsx/xlsx/xl/link/Excel/PO/jquery.js

    • Size

      94KB

    • MD5

      8fc25e27d42774aeae6edbc0a18b72aa

    • SHA1

      b66ed708717bf0b4a005a4d0113af8843ef3b8ff

    • SHA256

      b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

    • SHA512

      87d90a665c15d71ac872bd8bc003d9863964c7ec7ada6370b902b93c0bbd7770fe25730d946c7c6a465baa95efa74bc0e78af3f83aea615af35060cc8702a6c1

    Score
    1/10
    behavioral13behavioral14

    • Target

      xlsx/xlsx/xl/link/Excel/PO/jquery_popup.js

    • Size

      1KB

    • MD5

      b3f78ab0fc1615c801cbbedcb9ff38a8

    • SHA1

      3f2eacfb1f14ea2bc281e23799a8829710f20e95

    • SHA256

      8308cd4f7dbe8a301e058f6ed215fdeca44bdec56c2ea2ff7d645bf631afe7b2

    • SHA512

      9a4c73cc0710e952bcae160f52c3b706090596a932e635935181d79ed3da7f55dfe2a3793b1aba87ee809ab4f9a82131bc2bb9e82d66bbd8e7247a4ee35453ac

    Score
    1/10
    behavioral15behavioral16

    • Target

      xlsx/xlsx/xl/link/Excel/PO/l0gins.php

    • Size

      6KB

    • MD5

      ca7c9e14252098085f1ff69f81069150

    • SHA1

      5ced845c18a0fc829689fce795a7ff2dc7dbef09

    • SHA256

      5b81dc258dea8c85ed24546af70cca9654edc0c2ceab7d9716d7c5125d9c187b

    • SHA512

      f8eeb493d50cc2be55abbed08160635551a23fa82f0b34e9e794d848613a5aa914cc48d6bbd20eba936f0ef8f6afe017c0a0168132a538a5b7e1817ff571916d

    Score
    1/10
    behavioral17behavioral18

    • Target

      xlsx/xlsx/xl/link/Excel/PO/page.html

    • Size

      19KB

    • MD5

      a99eba08a837777ca726dbe6949b68db

    • SHA1

      3347e3043496786a8b912e3c321b2f6c33e5b4ea

    • SHA256

      be8578d26da2c5da354ac7f9701a235ad6a44f4bab1fb1722c394d0902a2027a

    • SHA512

      d45051d566720906a73aa0c4bde5f5e3f6c858b36a67757b5e1ff780de44c1ecaf6941cb996f60a0c82ba0ad8617184fc745fba3c52b6b6e24e4f8f21c85aab9

    Score
    1/10
    behavioral19behavioral20

    • Target

      xlsx/xlsx/xl/link/Excel/PO/page.php

    • Size

      19KB

    • MD5

      a99eba08a837777ca726dbe6949b68db

    • SHA1

      3347e3043496786a8b912e3c321b2f6c33e5b4ea

    • SHA256

      be8578d26da2c5da354ac7f9701a235ad6a44f4bab1fb1722c394d0902a2027a

    • SHA512

      d45051d566720906a73aa0c4bde5f5e3f6c858b36a67757b5e1ff780de44c1ecaf6941cb996f60a0c82ba0ad8617184fc745fba3c52b6b6e24e4f8f21c85aab9

    Score
    1/10
    behavioral21behavioral22

    • Target

      xlsx/xlsx/xl/link/Excel/block.php

    • Size

      1KB

    • MD5

      5116adad80c341b85d93671a323a55af

    • SHA1

      59918eb53b6d37cd6052f33812fca9a05fdf883e

    • SHA256

      b7121cded6b3c0d4ce457605b757087545bbb0e9339101e86ee46530c496d170

    • SHA512

      471948ccbffbe950dc04cae1c4ce8648cdc5321568ee4102426fc086a20452294dd3fd3c56e79c384ffe20d40962da2b1a12f6f2e5ffc1929ae9803362b3fa8f

    Score
    1/10
    behavioral23behavioral24

    • Target

      xlsx/xlsx/xl/link/Excel/index.html

    • Size

      999B

    • MD5

      179a9b4449878ba933513c4e0fa0246e

    • SHA1

      dcda6e8b2403d13df5bf37fb446045cb2519effa

    • SHA256

      8fe5f22ee93b4541f93134769bec0757c0e22bb9b76b905769e9763e3b0a53d4

    • SHA512

      cf3ba60927871b8ef4ce7e477db8892ebf390bfd91f1e1c43d80f96787a402dea93b0f6e9dd4f19e516d3f74c3e80e358db4181751c01c2395ea0ff22c8af79e

    Score
    1/10
    behavioral25behavioral26

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

4
T1112

Credential Access

Discovery

Query Registry

4
T1012

System Information Discovery

4
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks