Overview

overview

10

Static

static

8

df2070a83a...06.xls

windows7_x64

10

df2070a83a...06.xls

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    df2070a83a8dc588d12e09c9c18e41a7464584dcf13dcb23de4c2b49bc29b206

  • Size

    940KB

  • Sample

    220701-hcvb8shgf4

  • MD5

    bd4d3897b916b08db608453fbd976f35

  • SHA1

    396bbf122e3ea69e886c1dcb39fbb1cfe028f78c

  • SHA256

    df2070a83a8dc588d12e09c9c18e41a7464584dcf13dcb23de4c2b49bc29b206

  • SHA512

    7cab748e296f440ce762e099a92c8bcd2e57dee177cd3cf1f9e476983739b6a9a0d8931aa072aa6fe2054ea4052c5d20092f1f5112a3f1503c980d7eb1856e90

Score
10/10
ta505macromacro_on_actionupx

Malware Config

Extracted

Language
xlm4.0
Source

Extracted

Language
xlm4.0
Source

Targets

    • Target

      df2070a83a8dc588d12e09c9c18e41a7464584dcf13dcb23de4c2b49bc29b206

    • Size

      940KB

    • MD5

      bd4d3897b916b08db608453fbd976f35

    • SHA1

      396bbf122e3ea69e886c1dcb39fbb1cfe028f78c

    • SHA256

      df2070a83a8dc588d12e09c9c18e41a7464584dcf13dcb23de4c2b49bc29b206

    • SHA512

      7cab748e296f440ce762e099a92c8bcd2e57dee177cd3cf1f9e476983739b6a9a0d8931aa072aa6fe2054ea4052c5d20092f1f5112a3f1503c980d7eb1856e90

    Score
    10/10
    ta505upx

    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

      ta505

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks