cf30c9ba71f92e288ed0a568e45cd59baa5ec43d072179ccf1110649d9953295 | Triage

Sharing

General

Target

shipping document.xls
Size

746KB
Sample

221123-qxzrfsab7s
MD5

2cf0f0d6ef7b592f66a3b8cc3cd3c20c
SHA1

04d72a1e89a226f5daa87042d3f8eec70b89f535
SHA256

cf30c9ba71f92e288ed0a568e45cd59baa5ec43d072179ccf1110649d9953295
SHA512

c865ba26033974b27a4742234562427a5f740a2563a87f0e1a4b1c6d8e67aad253f16f07e3435b8ca5b605007f909fc1a1e363a965d08f349552305d6e276181
SSDEEP

12288:ldNqrDx7XXXXXXXXXXXXUXXXXXXXSXXXXXXXX1TmpqudNqrDx7XXXXXXXXXXXXUp:kr5XXXXXXXXXXXXUXXXXXXXSXXXXXXX4

Score

8^/10

Malware Config

Targets

- Target
  
  shipping document.xls
- Size
  
  746KB
- MD5
  
  2cf0f0d6ef7b592f66a3b8cc3cd3c20c
- SHA1
  
  04d72a1e89a226f5daa87042d3f8eec70b89f535
- SHA256
  
  cf30c9ba71f92e288ed0a568e45cd59baa5ec43d072179ccf1110649d9953295
- SHA512
  
  c865ba26033974b27a4742234562427a5f740a2563a87f0e1a4b1c6d8e67aad253f16f07e3435b8ca5b605007f909fc1a1e363a965d08f349552305d6e276181
- SSDEEP
  
  12288:ldNqrDx7XXXXXXXXXXXXUXXXXXXXSXXXXXXXX1TmpqudNqrDx7XXXXXXXXXXXXUp:kr5XXXXXXXXXXXXUXXXXXXXSXXXXXXX4
Score

8^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2