Overview

overview

10

Static

static

8

64af94592f...9c.xls

windows7_x64

10

64af94592f...9c.xls

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    64af94592f6707505fa6f42b58776c3635706a414e6362a92f707df84627679c

  • Size

    937KB

  • Sample

    220625-lz3hxahha8

  • MD5

    0fea640a7da27f365b3675f73626b9c9

  • SHA1

    fd4825f244e9c145486cb6930ad05695b9972668

  • SHA256

    64af94592f6707505fa6f42b58776c3635706a414e6362a92f707df84627679c

  • SHA512

    c9a10288762f3f5a3fdff17f8dd8560e7a884f1b83f405c2e85c6c86e42f69a30841c13aa0f2ecfc55aed42995d7aeb8fe40415e423ed0a306d2e7d00883dfbf

Score
10/10
ta505macromacro_on_actionupx

Malware Config

Extracted

Language
xlm4.0
Source

Extracted

Language
xlm4.0
Source

Targets

    • Target

      64af94592f6707505fa6f42b58776c3635706a414e6362a92f707df84627679c

    • Size

      937KB

    • MD5

      0fea640a7da27f365b3675f73626b9c9

    • SHA1

      fd4825f244e9c145486cb6930ad05695b9972668

    • SHA256

      64af94592f6707505fa6f42b58776c3635706a414e6362a92f707df84627679c

    • SHA512

      c9a10288762f3f5a3fdff17f8dd8560e7a884f1b83f405c2e85c6c86e42f69a30841c13aa0f2ecfc55aed42995d7aeb8fe40415e423ed0a306d2e7d00883dfbf

    Score
    10/10
    ta505upx

    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

      ta505

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks