9738e526def1c503043948273b6859d467b7fe55fe0bdc6566bcf0afb02b36b5 | Triage

Submit
Reports

Overview

overview

8

Static

static

zam. 82022...22.xls

windows10-1703-x64

1

zam. 82022...22.xls

windows7-x64

8

Sharing

General

Target

mailbin.eml
Size

559KB
Sample

221125-prvpwabh4v
MD5

8570bb7b99902c1f2136b2d5adb93263
SHA1

1d05424a00bcc0dd8af6df0d508e92fcbeccb0cc
SHA256

9738e526def1c503043948273b6859d467b7fe55fe0bdc6566bcf0afb02b36b5
SHA512

8eb773318a3cf07c479c07fe4b450b23764db1ef43d5e42ff734a311452a0ea3e87d22b3d79f76177c8c35748910fa1d4ebc79e3e4546ca3560d16283fbcbc10
SSDEEP

12288:fcOqk92UwyqIKXjq/lELCuxNtloqPjFzv12Y:ka92UMjqtSxNtfpzv12Y

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

zam. 82022 ZK 1572_PG-PL_2022.xls

Resource

win10-20220901-en

windows10-1703-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

zam. 82022 ZK 1572_PG-PL_2022.xls

Resource

win7-20220812-en

windows7-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  zam. 82022 ZK 1572_PG-PL_2022.xls
- Size
  
  395KB
- MD5
  
  760b6e1b06322fbe556f9ddf683b0389
- SHA1
  
  924ec928b6a0d1fd10fc2be6b346225cc2daf23f
- SHA256
  
  400e675021818214d2779c38b2d77b457ef9956518cd812b53bc7f41ca228bca
- SHA512
  
  ed5a3935cbf2e95371dd04a73199cabe5b5b3f41dd5781b20fbc35d6dbde862a31a1eb8a1f1ef95fc328f69ea0e8f551d2af96e043f221692f76bf1c3f701406
- SSDEEP
  
  12288:QdNqrDx7XXXXXXXXXXXXUXXXXXXXrXXXXXXXXEmY9TmJTmpdoZ4bixG70TG:rr5XXXXXXXXXXXXUXXXXXXXrXXXXXXXH
Score

8^/10
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Exploitation for Client Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy