Overview

overview

10

Static

static

8

db92aa79b3...91.xls

windows7-x64

10

db92aa79b3...91.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    db92aa79b35ef1aeceb4982d900ffbc1ee756b5e403095e0f7b9cba93f258391

  • Size

    282KB

  • Sample

    220731-kw81vaabgk

  • MD5

    21f24bec513e1787ddfc009cc1a05bd6

  • SHA1

    780a483194d2224130e9a5f4c132c4443e2b32d5

  • SHA256

    db92aa79b35ef1aeceb4982d900ffbc1ee756b5e403095e0f7b9cba93f258391

  • SHA512

    23ab58256954c8a36f17e65d0b6703c82406e597b0dc5ddbd0080300efa86ba651af5279cc90aaeebce44c3378d237a705e70979add82d7a65505732fe5dbb32

Score
10/10
ta505macromacro_on_actionupx

Malware Config

Targets

    • Target

      db92aa79b35ef1aeceb4982d900ffbc1ee756b5e403095e0f7b9cba93f258391

    • Size

      282KB

    • MD5

      21f24bec513e1787ddfc009cc1a05bd6

    • SHA1

      780a483194d2224130e9a5f4c132c4443e2b32d5

    • SHA256

      db92aa79b35ef1aeceb4982d900ffbc1ee756b5e403095e0f7b9cba93f258391

    • SHA512

      23ab58256954c8a36f17e65d0b6703c82406e597b0dc5ddbd0080300efa86ba651af5279cc90aaeebce44c3378d237a705e70979add82d7a65505732fe5dbb32

    Score
    10/10
    ta505upx

    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

      ta505

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks