e01a79aad79919162d1e21e08baf09f14088eae1c58f2f83cddee285120d7e3c | Triage

Sharing

General

Target

Swift for september order.xls.zip
Size

124KB
Sample

221123-lv8jcscd55
MD5

e296ad17096195c685b61da4fb936e29
SHA1

627e67bcea2cad36e6817979fe07a6e97b2d3fa7
SHA256

e01a79aad79919162d1e21e08baf09f14088eae1c58f2f83cddee285120d7e3c
SHA512

58bcea27adf6b735f014d315e4355efe3ccc2246cf674f9b515de7a09bd1d7f40bff0e6f86bc489be3351f7470c9d7e0009761edfe32119277375c3c217449de
SSDEEP

3072:A07TeiAApM0Vmkp5+K7WNuCXhoBzhQojPBHR4:l/8AjpIKywCCbTjPBHR4

Score

8^/10

Malware Config

Targets

- Target
  
  Swift for september order.xls
- Size
  
  145KB
- MD5
  
  8d6accfa2b80d488e27e91dd423b8795
- SHA1
  
  dff53fea38d208913c98d080567099269ce7d5bf
- SHA256
  
  70d16f987dae7cfbbe23a264f202c837ab36cd229ca5fa55f74493f886468fb5
- SHA512
  
  72c6e697c159bb7905a9feb199fd43abf65ec28bc3561d62e1433f374cfa378201ef7e48b5c923502e20c0a360efde1e981bc6fa17f7fded67389a9ea2b4b056
- SSDEEP
  
  3072:YXI8LuesUyi3zNpI8XGuF1hZe+Wh+KWMmxckiYQWBM5Ky:YXUesA3pppTF1hZC+KWuYQW8K
Score

8^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2