Overview

overview

1

Static

static

永胜FTTB...�).xls

windows7-x64

1

永胜FTTB...�).xls

windows10-2004-x64

1

永胜FTTB...�).xls

windows7-x64

1

永胜FTTB...�).xls

windows10-2004-x64

1

永胜FTTB...�).xls

windows7-x64

1

永胜FTTB...�).xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4e7ff63e7614c6ac13b420df2ecb99aa41cbd829f31eabf0f905541baf7cdd60

  • Size

    2.4MB

  • Sample

    221123-xe8d7shg8v

  • MD5

    1b4a1690ea3aacb55ece5fd5fdae5149

  • SHA1

    ede3e3c8aba2d48d15ff811cafc938086716bcb3

  • SHA256

    4e7ff63e7614c6ac13b420df2ecb99aa41cbd829f31eabf0f905541baf7cdd60

  • SHA512

    6a6da1af706d7d6a3a3e173da0245c06399214d788d69826da8da75c60d1ad8dbfee98a67b00dbd776bdf79630ee14ec0112324256e1bab7bd31f2ccbde5e068

  • SSDEEP

    49152:wZfmAGp8oFePA8mxxft0qTrWQqts7TvZn7xIzkhCL9+zH41TawkSJuRNed9Fy:fgoBXfIQus7jZn/hG+7417N4Ky

Score
1/10

Malware Config

Targets

    • Target

      永胜FTTB/富顺县骑龙镇永胜乡全光改造工程(FTTB光缆).xls

    • Size

      135KB

    • MD5

      465ebe32c29cea4771ed248f6fcde47d

    • SHA1

      744d9eadf89d98e9c7c60366a0edc0f99e9217c8

    • SHA256

      02310f558c0c9e9d2de372f52c7b362b13cd104590ff5e54fb135e2c25a1cade

    • SHA512

      c4980ad425412302d1d83f06ab9925cae2df022be45ea3129569b19df9cb63ff4eaa836f7e2801e47f19654faecc7021becf5e9dd4e91114aa495d2a3b821d0d

    • SSDEEP

      768:KLLLL/NMnR2EqkW+244rUvz258/CFBeyuOGHEQm0YGeJUAYGeKDemAvojuWa/67P:KLLLL/NMHA+2IsfQEQnGywbCXwbCW/

    Score
    1/10
    behavioral1behavioral2

    • Target

      永胜FTTB/富顺县骑龙镇永胜乡全光改造工程(FTTB电缆).xls

    • Size

      140KB

    • MD5

      f618adbc1e6e8bb665abf583b6d9dbe6

    • SHA1

      e3769500bb901f3d673eb6d07fe418564e69b9cb

    • SHA256

      8d7bf92511ed89528daa6c0132342b069b8008b3aa9a3a0646a10ce726489314

    • SHA512

      108a21021dda686bb40e1840ab13d7cf43c018bbb71b10b18a86edc4a38910a2685f831ab91ddf97bd7d7325ea020b8712968c62347e1d0de1a0c46c50be931c

    • SSDEEP

      1536:mLLLL/NMH4f/akZaQOk3/EQoYLQwbC6wbCCa:3Y13/+mGa

    Score
    1/10
    behavioral3behavioral4

    • Target

      永胜FTTB/富顺县骑龙镇永胜乡全光改造工程(设备).xls

    • Size

      123KB

    • MD5

      f3c3cb1969715fe28564ecb74f2e0705

    • SHA1

      962fd304cda8dcb1b1107f84c1ee87eb14816ebb

    • SHA256

      0310b90265cfe1600aa63d531921ae5e996bfee186aca4735849ac3f8f89fddc

    • SHA512

      8f082e301f4be7fe165b392d348a2fa98d1adfca2fe3b17a3781b5353a00152cbff05025fe49c36277422d09cfe9b37378bd336310e4cda06b78e6085f345e88

    • SSDEEP

      768:kxxx67+7pPG6/cyx9iTLVEnKCp9T9KSlOf2h/OXB7HK6SSuRIP6dgBx7fK6SSuRe:kxxx67+dG6/ct9Cp7DdEvqE

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

3
T1112

Credential Access

Discovery

Query Registry

6
T1012

System Information Discovery

6
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks