Resubmissions

  • 16-06-2022 16:21  220616-ttrs8afhhq  score 10
  • 13-06-2022 09:28  220613-lfsjlafcfl  score 10
  • 13-06-2022 08:34  220613-kgyxbsbab6  score 8

General

  • Target: varacalli-file-13.06.2022.doc
  • Size: 1.9MB
  • Sample: 220616-ttrs8afhhq
  • MD5: f2dbc8b51a88d4c6631042bb0f62df74
  • SHA1: b9769be211e29dec9c7a03c0d255d2abbee9f73c
  • SHA256: 9894b3d3ab4a2f3303c0aea040cae4c50e5d9711fd5cb24b9c2500f5be9a23fe
  • SHA512: 354527aaaccfc18315b866fb6375b3fddeb9d264297127868fb06cb1b11da8e77e9bd07c73a040bd6a6bc5a9079651642b33f9db2267fdbc40f1b79d41dad41e

Malware Config

Targets

    • Target: varacalli-file-13.06.2022.doc (same file, size and hashes as listed under General above)

    • Detects SVCReady loader
    • SVCReady: SVCReady is a malware loader first seen in April 2022.
    • suricata: ET MALWARE Observed Win32/SVCReady Loader User-Agent
    • suricata: ET MALWARE Win32/SVCReady Loader CnC Activity M2
    • Downloads MZ/PE file
    • Executes dropped EXE
    • Checks BIOS information in registry: BIOS vendor and product strings are often read from the registry to recognise virtual machines and sandboxes before the real payload runs.
    • Loads dropped DLL
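The "Checks BIOS information in registry" behaviour above is a sandbox-evasion tell that is worth alerting on directly. The Python script below is an added example, not code from this report or from the SVCReady sample: it scans registry-read events for queries of the firmware/hardware identity keys under HKLM\HARDWARE\DESCRIPTION\System and HKLM\SYSTEM\CurrentControlSet\Services\mssmbios\Data made by processes that are not normal hardware-inventory tools, and annotates hits whose returned data contains a hypervisor vendor string. The one-line event format (pid/image/op/key/value/data), the benign-reader list and the sample events are all constructed assumptions for the example; adapt the parser to whatever your Sysmon or EDR telemetry actually emits.

```python
"""Detection for registry-based BIOS/SMBIOS fingerprinting.

Added example, not code from the sandbox report or the analysed sample.
The event lines below are constructed; the field layout
(pid/image/op/key/value/data) is an assumed, simplified rendering of a
Sysmon- or EDR-style registry event.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# Registry locations that expose firmware and hardware identity. Malware
# reads the vendor/product strings here to recognise VMware, VirtualBox,
# QEMU, Hyper-V and commercial sandboxes before unpacking its real payload.
BIOS_KEY_PREFIXES = (
    r"HKLM\HARDWARE\DESCRIPTION\System",                      # \BIOS\SystemManufacturer etc.
    r"HKLM\SYSTEM\CurrentControlSet\Services\mssmbios\Data",  # raw SMBIOS table
)

# Substrings that reveal a hypervisor in the data returned by such a read.
VM_MARKERS = ("vmware", "virtualbox", "innotek", "vbox", "qemu", "bochs",
              "parallels", "virtual machine")

# Processes that legitimately enumerate hardware (assumed list); a read by
# anything else (an Office child, a dropped EXE, a DLL host) is the signal.
BENIGN_READERS = {"svchost.exe", "wmiprvse.exe", "msinfo32.exe", "systeminfo.exe"}

EVENT_RE = re.compile(
    r'pid=(?P<pid>\d+)\s+image=(?P<image>.+?)\s+op=(?P<op>\w+)\s+'
    r'key="(?P<key>[^"]+)"\s+value="(?P<value>[^"]*)"(?:\s+data="(?P<data>[^"]*)")?'
)


@dataclass
class Finding:
    pid: int
    image: str
    key: str
    value: str
    reason: str


def parse_event(line: str) -> Optional[dict]:
    """Return the event fields, or None if the line is not a registry event."""
    m = EVENT_RE.search(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["pid"] = int(ev["pid"])
    ev["data"] = ev["data"] or ""
    return ev


def is_bios_key(key: str) -> bool:
    """True when the key sits under one of the BIOS/SMBIOS locations."""
    k = key.lower()
    return any(k.startswith(p.lower()) for p in BIOS_KEY_PREFIXES)


def analyze(lines: List[str]) -> List[Finding]:
    """Flag BIOS/SMBIOS reads by non-inventory processes, noting VM markers."""
    findings = []
    for line in lines:
        ev = parse_event(line)
        if ev is None or ev["op"].lower() not in ("queryvalue", "read"):
            continue
        if not is_bios_key(ev["key"]):
            continue
        image_name = ev["image"].rsplit("\\", 1)[-1].lower()
        if image_name in BENIGN_READERS:
            continue
        reason = "BIOS/SMBIOS registry read by non-inventory process"
        markers = [mk for mk in VM_MARKERS if mk in ev["data"].lower()]
        if markers:
            reason += f"; returned hypervisor marker '{markers[0]}'"
        findings.append(Finding(ev["pid"], ev["image"], ev["key"], ev["value"], reason))
    return findings


# Constructed events (not taken from the report). Backslashes are doubled for Python.
SAMPLE_EVENTS = [
    'pid=1184 image=C:\\Windows\\System32\\svchost.exe op=QueryValue '
    'key="HKLM\\HARDWARE\\DESCRIPTION\\System\\BIOS" value="BIOSVendor" data="American Megatrends"',
    'pid=3392 image=C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE op=QueryValue '
    'key="HKCU\\Software\\Microsoft\\Office\\16.0\\Word\\Security" value="VBAWarnings" data="1"',
    'pid=5208 image=C:\\Users\\victim\\AppData\\Local\\Temp\\dropped.exe op=QueryValue '
    'key="HKLM\\HARDWARE\\DESCRIPTION\\System\\BIOS" value="SystemManufacturer" data="VMware, Inc."',
    'pid=5320 image=C:\\Windows\\System32\\rundll32.exe op=QueryValue '
    'key="HKLM\\SYSTEM\\CurrentControlSet\\Services\\mssmbios\\Data" value="SMBiosData" data="<binary>"',
]

if __name__ == "__main__":
    for f in analyze(SAMPLE_EVENTS):
        print(f"pid {f.pid} {f.image}: {f.key}\\{f.value} -> {f.reason}")
```

Run against the constructed events, the svchost read and the Word macro-security read are ignored, while the dropped EXE's SystemManufacturer query (which returned a VMware string) and the rundll32 SMBIOS table read are both reported. In production, key the benign-reader list on signed image path rather than bare file name, since a dropped binary can call itself svchost.exe.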

MITRE ATT&CK Enterprise v6

Tasks