Overview

overview

10

Static

static

8

ca2903b4a6...4c.xls

windows7-x64

1

ca2903b4a6...4c.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ca2903b4a6423eccf466a1ab5ba83efc81c0e1ac76741eb2c6432e8e6efff64c

  • Size

    729KB

  • Sample

    220731-kxk1eaabhr

  • MD5

    5fd6c9ca842ef4fd97dc05d666b8d2a9

  • SHA1

    89be226ee9c2d0997ed4147e9c0c22f9fe1e5d88

  • SHA256

    ca2903b4a6423eccf466a1ab5ba83efc81c0e1ac76741eb2c6432e8e6efff64c

  • SHA512

    1f656a4ad976fdb80c1f645529471f867d1f6a931b9d3d3a99ed2c8eb085abc9f5b345dcdcb0c1a0dfec9eadf8272d32e20a250bae6f36dd56bfdca4e27947f0

Score
10/10
ta505macromacro_on_actionupx

Malware Config

Targets

    • Target

      ca2903b4a6423eccf466a1ab5ba83efc81c0e1ac76741eb2c6432e8e6efff64c

    • Size

      729KB

    • MD5

      5fd6c9ca842ef4fd97dc05d666b8d2a9

    • SHA1

      89be226ee9c2d0997ed4147e9c0c22f9fe1e5d88

    • SHA256

      ca2903b4a6423eccf466a1ab5ba83efc81c0e1ac76741eb2c6432e8e6efff64c

    • SHA512

      1f656a4ad976fdb80c1f645529471f867d1f6a931b9d3d3a99ed2c8eb085abc9f5b345dcdcb0c1a0dfec9eadf8272d32e20a250bae6f36dd56bfdca4e27947f0

    Score
    10/10
    ta505upx

    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

      ta505

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks