Overview

overview

10

Static

static

8

4ac2b269b8...d2.xls

windows7_x64

10

4ac2b269b8...d2.xls

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4ac2b269b8c63a305d55c2ffadf0e99d760f94cf4de09ca5405ea6845854ddd2

  • Size

    684KB

  • Sample

    220625-hje6wscbe4

  • MD5

    abfa3b72cfcc998fa21f50ff5b787f1e

  • SHA1

    b135139f94552fd5d6ec0659853779d2680c6365

  • SHA256

    4ac2b269b8c63a305d55c2ffadf0e99d760f94cf4de09ca5405ea6845854ddd2

  • SHA512

    f2edbbf5243055f15579f2583c5792c676dff5364d99bafd5b7da574b9cc3ccb2d4430a37a6bafc0514cc9d016529a701a39c4f379691c6900754bb0c7617c76

Score
10/10
ta505macromacro_on_actionupx

Malware Config

Extracted

Language
xlm4.0
Source

Extracted

Language
xlm4.0
Source

Targets

    • Target

      4ac2b269b8c63a305d55c2ffadf0e99d760f94cf4de09ca5405ea6845854ddd2

    • Size

      684KB

    • MD5

      abfa3b72cfcc998fa21f50ff5b787f1e

    • SHA1

      b135139f94552fd5d6ec0659853779d2680c6365

    • SHA256

      4ac2b269b8c63a305d55c2ffadf0e99d760f94cf4de09ca5405ea6845854ddd2

    • SHA512

      f2edbbf5243055f15579f2583c5792c676dff5364d99bafd5b7da574b9cc3ccb2d4430a37a6bafc0514cc9d016529a701a39c4f379691c6900754bb0c7617c76

    Score
    10/10
    ta505upx

    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

      ta505

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks