7e26e15cc181d3caec107bfd274e596064eef94dc11b3abde6738b53a0b6cd5b | Triage

Submit
Reports

Overview

overview

Static

static

8

7e26e15cc1...5b.doc

windows7-x64

7e26e15cc1...5b.doc

windows10-2004-x64

Sharing

General

Target

7e26e15cc181d3caec107bfd274e596064eef94dc11b3abde6738b53a0b6cd5b
Size

36KB
Sample

220725-eradtsecdp
MD5

441e1f32c93a73ea3dd3ad1951867dec
SHA1

9daa0fedc53972fce95b11394b8a9ee368c59130
SHA256

7e26e15cc181d3caec107bfd274e596064eef94dc11b3abde6738b53a0b6cd5b
SHA512

53cde8fc0d98247f9601a812b2fc0943d745e3c6ad9a4dba77a8416d76e02562b2538760c64339df027551c61294f81275c573945e02d730b1cfe30b781be539

Score

10^/10

macro macro_on_action suricata

Static task

static1

macro macro_on_action

1 signatures

Behavioral task

behavioral1

Sample

7e26e15cc181d3caec107bfd274e596064eef94dc11b3abde6738b53a0b6cd5b.doc

Resource

win7-20220718-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

7e26e15cc181d3caec107bfd274e596064eef94dc11b3abde6738b53a0b6cd5b.doc

Resource

win10v2004-20220721-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://swanescranes.com.au/xuploads/Pi.exe

Targets

- Target
  
  7e26e15cc181d3caec107bfd274e596064eef94dc11b3abde6738b53a0b6cd5b
- Size
  
  36KB
- MD5
  
  441e1f32c93a73ea3dd3ad1951867dec
- SHA1
  
  9daa0fedc53972fce95b11394b8a9ee368c59130
- SHA256
  
  7e26e15cc181d3caec107bfd274e596064eef94dc11b3abde6738b53a0b6cd5b
- SHA512
  
  53cde8fc0d98247f9601a812b2fc0943d745e3c6ad9a4dba77a8416d76e02562b2538760c64339df027551c61294f81275c573945e02d730b1cfe30b781be539
Score

10^/10

suricata
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
  suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2024

Terms | Privacy