5e7922b838a9a8edc76bb6629c189c55125e40fc812f4b57bfad3e37feb68d86 | Triage

Sharing

General

Target

PO-SKT112322011.xls
Size

1.0MB
Sample

221123-qxdh8aab2x
MD5

6fbba09eebd42a47f089767b92b9c778
SHA1

1af588c699ab643e334824dc26cf9baf4ddca8d5
SHA256

5e7922b838a9a8edc76bb6629c189c55125e40fc812f4b57bfad3e37feb68d86
SHA512

3d82ab0b12aba89483d19a85f3421598046e057f5f930412042c515c873a791289f54c26fc90080fd5e9232e3c2757d4c9c68840148467b9fa931e3e4acbde31
SSDEEP

24576:Mr5XXXXXXXXXXXXUXXXXXXXSXXXXXXXX6m6r5XXXXXXXXXXXXUXXXXXXXSXXXXXt:sE4gT

Score

8^/10

Malware Config

Targets

- Target
  
  PO-SKT112322011.xls
- Size
  
  1.0MB
- MD5
  
  6fbba09eebd42a47f089767b92b9c778
- SHA1
  
  1af588c699ab643e334824dc26cf9baf4ddca8d5
- SHA256
  
  5e7922b838a9a8edc76bb6629c189c55125e40fc812f4b57bfad3e37feb68d86
- SHA512
  
  3d82ab0b12aba89483d19a85f3421598046e057f5f930412042c515c873a791289f54c26fc90080fd5e9232e3c2757d4c9c68840148467b9fa931e3e4acbde31
- SSDEEP
  
  24576:Mr5XXXXXXXXXXXXUXXXXXXXSXXXXXXXX6m6r5XXXXXXXXXXXXUXXXXXXXSXXXXXt:sE4gT
Score

8^/10
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Exploitation for Client Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2