dfcb9b94e4a8677a5751a3c60d2e3556d077a0e45b530d9e063e08e84c58bef7 | Triage

Sharing

General

Target

Proof_of_Payment.xlsx
Size

232KB
Sample

220806-jgyqwsefb3
MD5

b9f15d091f5a0ac0343e431de590c236
SHA1

05cff656f2a4df925d95ce29c4b91393ecb7a1b1
SHA256

dfcb9b94e4a8677a5751a3c60d2e3556d077a0e45b530d9e063e08e84c58bef7
SHA512

86a0942dfa8bfe4a8562cf562a84181bf81deec1d056dbe935ee259d709aeda1afbe11abbb6f76d795ba310be083c88bd01bd381d2fa8d752a648672fdea7e6a

Score

8^/10

Malware Config

Targets

- Target
  
  Proof_of_Payment.xlsx
- Size
  
  232KB
- MD5
  
  b9f15d091f5a0ac0343e431de590c236
- SHA1
  
  05cff656f2a4df925d95ce29c4b91393ecb7a1b1
- SHA256
  
  dfcb9b94e4a8677a5751a3c60d2e3556d077a0e45b530d9e063e08e84c58bef7
- SHA512
  
  86a0942dfa8bfe4a8562cf562a84181bf81deec1d056dbe935ee259d709aeda1afbe11abbb6f76d795ba310be083c88bd01bd381d2fa8d752a648672fdea7e6a
Score

8^/10
- Blocklisted process makes network request
behavioral1 behavioral2
- Target
  
  decrypted
- Size
  
  225KB
- MD5
  
  18a7e682f03d5a7ec3a8d871cbc4196f
- SHA1
  
  0313cc7c3223bc7cddf65ca51e6e1710a6d45127
- SHA256
  
  26f00be58dcd7ccdde3161c7f1966c0f32b35d0861c03a57f9008090f506ab1c
- SHA512
  
  55f56712020098ab45d4975bec5e3882157ce9513dda5a8f483917d91cdd6571bb4a2927c7111a93ebf29aa34d68ad6bccfdb1a525ccd388ee3e80422c3d318a
Score

8^/10
- Blocklisted process makes network request
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4