General

  • Target

    4da2b862979ff7d73021e4f00db408b0cee63fdc3967a0c591b94f1d619ce87c

  • Size

    691KB

  • Sample

    220701-g4mk2affen

  • MD5

    9cd9936a613386a126448c82bdb13ee4

  • SHA1

    efc8cc57b49d120ebdfdf591e3cc40e3c94da91b

  • SHA256

    4da2b862979ff7d73021e4f00db408b0cee63fdc3967a0c591b94f1d619ce87c

  • SHA512

    5a33ae2d8e61f761b99a0ade4b4bfdb4cfc5833edbcb2e85755b47a62ccaa7d8b617b202abd8e1a6e1539af5480fa1c4ee0e503eb944de0bcdeb2a5ea69fb475

Malware Config

Extracted

Language
xlm4.0
Source

Extracted

Language
xlm4.0
Source

Targets

    • Target

      4da2b862979ff7d73021e4f00db408b0cee63fdc3967a0c591b94f1d619ce87c

    • Size

      691KB

    • MD5

      9cd9936a613386a126448c82bdb13ee4

    • SHA1

      efc8cc57b49d120ebdfdf591e3cc40e3c94da91b

    • SHA256

      4da2b862979ff7d73021e4f00db408b0cee63fdc3967a0c591b94f1d619ce87c

    • SHA512

      5a33ae2d8e61f761b99a0ade4b4bfdb4cfc5833edbcb2e85755b47a62ccaa7d8b617b202abd8e1a6e1539af5480fa1c4ee0e503eb944de0bcdeb2a5ea69fb475

    • Score

      10/10
    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks