General

  • Target

    Shipping Documents.xls

  • Size

    746KB

  • Sample

    221123-qxdtzsab21

  • MD5

    80172143fd4049c63f533d5c01aae2dd

  • SHA1

    2b6bc64bb12c84a99d6df5766a716f3cd12ce1ee

  • SHA256

    12295d5a38c339ffb5333989765b54fc6f23cf45a3715a8c9871ab3a76ff7d82

  • SHA512

    9a51615d612bce678c276bda4dafe9c9a78c78606c65e3f6480e2f20ac39cc06230baae051a16a4c78a7efae89332ed2ef3cc3bef43f5d34fa2a60ed07c4a134

  • SSDEEP

    12288:GdNqrDx7XXXXXXXXXXXXUXXXXXXXSXXXXXXXXuTmWqJdNqrDx7XXXXXXXXXXXXUD:Vr5XXXXXXXXXXXXUXXXXXXXSXXXXXXX

Score
8/10

Targets

    • Target

      Shipping Documents.xls

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
