Overview

overview

10

Static

static

sample20220809-01.xls

windows7-x64

10

sample20220809-01.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sample20220809-01.xls

  • Size

    84KB

  • Sample

    220809-l8jgdsadg4

  • MD5

    5bc2a4eefe16c8465f076bdfc3d38870

  • SHA1

    71d800ce5f7cbd5f9d3ba9a16626c592bbc28c46

  • SHA256

    89d6b9a0f7d4f30f5021a893925dfbea12051a0d3e5f5845fd1bc45b74eed830

  • SHA512

    84b5ead8d2a3be2f86d3b568a1eaf22c425910d5bb7df75e31264aa4c79eb4b8e86f9728b8b7f6400026e782a6114a0626a8bb0f806e44ac688039077b6970c0

Score
10/10
svcreadyloader

Malware Config

Targets

    • Target

      sample20220809-01.xls

    • Size

      84KB

    • MD5

      5bc2a4eefe16c8465f076bdfc3d38870

    • SHA1

      71d800ce5f7cbd5f9d3ba9a16626c592bbc28c46

    • SHA256

      89d6b9a0f7d4f30f5021a893925dfbea12051a0d3e5f5845fd1bc45b74eed830

    • SHA512

      84b5ead8d2a3be2f86d3b568a1eaf22c425910d5bb7df75e31264aa4c79eb4b8e86f9728b8b7f6400026e782a6114a0626a8bb0f806e44ac688039077b6970c0

    Score
    10/10
    svcreadyloader

    • Detects SVCReady loader

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • SVCReady

      SVCReady is a malware loader first seen in April 2022.

      loadersvcready

    • Downloads MZ/PE file

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks