Overview

overview

5

Static

static

邛崃市�...��.xls

windows7-x64

1

邛崃市�...��.xls

windows10-2004-x64

1

邛崃市�...��.xls

windows7-x64

1

邛崃市�...��.xls

windows10-2004-x64

1

邛崃市�...��.xls

windows7-x64

1

邛崃市�...��.xls

windows10-2004-x64

1

邛崃市�...�.xlsx

windows7-x64

1

邛崃市�...�.xlsx

windows10-2004-x64

1

邛崃市�...��.xls

windows7-x64

1

邛崃市�...��.xls

windows10-2004-x64

1

邛崃市�...�.xlsx

windows7-x64

1

邛崃市�...�.xlsx

windows10-2004-x64

1

邛崃市�...��.xls

windows7-x64

1

邛崃市�...��.xls

windows10-2004-x64

1

邛崃市�...�-.xls

windows7-x64

1

邛崃市�...�-.xls

windows10-2004-x64

1

邛崃市�...��.xls

windows7-x64

1

邛崃市�...��.xls

windows10-2004-x64

1

邛崃市�...��.xls

windows7-x64

1

邛崃市�...��.xls

windows10-2004-x64

1

邛崃市�...��.xls

windows7-x64

1

邛崃市�...��.xls

windows10-2004-x64

1

邛崃市�...��.xls

windows7-x64

1

邛崃市�...��.xls

windows10-2004-x64

1

邛崃市�...�).xls

windows7-x64

1

邛崃市�...�).xls

windows10-2004-x64

1

邛崃市�...��.xls

windows7-x64

1

邛崃市�...��.xls

windows10-2004-x64

1

邛崃市�...��.xls

windows7-x64

1

邛崃市�...��.xls

windows10-2004-x64

5

邛崃市�...�.xlsx

windows7-x64

1

邛崃市�...�.xlsx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1ed17c6d225df8511cb8b0fd60ce4fd3e2209d948f669895d85bc0209c5eb2c1

  • Size

    993KB

  • Sample

    221125-w4jlpsaa7z

  • MD5

    7b9c83a941ac5259bf6732bba30af1c8

  • SHA1

    880bc2d64662f0819ce8f454eca6fdbfc8c132c2

  • SHA256

    1ed17c6d225df8511cb8b0fd60ce4fd3e2209d948f669895d85bc0209c5eb2c1

  • SHA512

    f537dbd9bca1597cd88a32f858213d4b23414b2d4ce586ec6a3da23ad5902a45c432d3342c5ad36f8f3f37acf08173a3c8569f9c3656041149198aea5b425ee2

  • SSDEEP

    12288:2yZLIHUJk2AnIKDDvlYTUhQJ6OtNgI86/EM4tKBkSEU2bbolHvShPNG7n9pc2xBh:BCjIWD2w3i/EXtKB35gUPSZY1BzGtS

Score
5/10

Malware Config

Targets

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/传输工程光缆线路验收表邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街).xls

    • Size

      21KB

    • MD5

      d6fccfb97fc3c8fc1abda81e2d144e18

    • SHA1

      7aa1ce75eaa845977232e86d9921e57a6b0e6b3a

    • SHA256

      0d227d25226dcf90071593fb0bd3428d05c820faf9b9d4c83c135a0fb77a5d08

    • SHA512

      973086b350c4cc1190727efd6941eb5cced475aa00889b344cc6912822ba34c7b3f2adc82cdbfcdb7ba1dda9900f4ea59e9905e1aa2344b404ac7eeb9cb779f1

    • SSDEEP

      384:geeeqXW6QzJ818eScQtvVPkbsCetvT2ohvyOVRE/lOE4XmQhi2fBq3LqhiVDMcmQ:geeeqXW6QzJ818eScQtvVPkbsCetvT22

    Score
    1/10
    behavioral1behavioral2

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/内线/邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)台账表.xls

    • Size

      23KB

    • MD5

      3338f81495fb7b39aec737f176bf25db

    • SHA1

      d0625d6d41ae8c61f1af6c74fdc5dabe61d4f078

    • SHA256

      8e800283489c400f6e347eaf8b8fd906d376553e0b15e3a5fdf40de3b6011241

    • SHA512

      0b6c0ca3afdf38519e980098c141ab177dc743381af834b08fac426af1160e81ced6505f885156ff34f3ec9debfa858779e9ff7367d3a9553911cee6159d77db

    • SSDEEP

      384:Z5FOOOzPQbe18V8JtckvseSCqICeqaLvT2tsGb3w8Z2g3Zhqbp4/+vYJSKWX4/vo:9OOOzPQbe18V8JtckvseSCqICeqaLvTo

    Score
    1/10
    behavioral3behavioral4

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/内线/邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)跳纤示意图.xls

    • Size

      23KB

    • MD5

      9e22216acf0c447fc4515ed193f8f0e5

    • SHA1

      57e3ec365c448f2217334641f5ce416dc7bbea12

    • SHA256

      f901713b71e5518f68db4bb0c53e47824abc5fde3e5cd2ed3013dd29d4376057

    • SHA512

      63a59145cc549e1da14a27450423fead226157a71f26598ca78ae73a04ede05c469288f83ac0d60984e4d231632d073e3eaaf1d7bc84c1e0f75421973d49923d

    • SSDEEP

      384:1Peee8QSz8MckbzQ1LeP8vVteqYvT2b2ctZam3sqZ34XmQhi1uLp3Lqhi9CmYqlV:deee8QSz8MckbzQ1LeP8vVteqYvT21X6

    Score
    1/10
    behavioral5behavioral6

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/内线/邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)锅分光路器资料表.xlsx

    • Size

      10KB

    • MD5

      84c0aa5d39e344dabe36e22ee4b50ceb

    • SHA1

      73b568c8bf88469ee034f615faeb0dc82d2148cf

    • SHA256

      9ff28a365c05fa56b5172d32d3f961eef619f404f7c69b5562bf13aebb02deb2

    • SHA512

      41eab3b86d15da36cba09578d277d2c04c840dd801f9e0b8f3290d6bc948cdbb2c977e7e2a6ab8e843e10743ea7952fdb05a496296b54ac2a433a06da4564521

    • SSDEEP

      192:Sfgt9l23DjaD89cHx8TxpF3YqqCL5xAEO35Or6vLvIZqX:Szjn+HxyptYy/J+7qqX

    Score
    1/10
    behavioral7behavioral8

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/内线/邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)锅覆盖表.xls

    • Size

      17KB

    • MD5

      92514364c43a743160be6f109fff83ee

    • SHA1

      d1e7810134fcf97ccab02055075158d2bcdf5be3

    • SHA256

      540bd12287d1917243564d06b1fa457435856c992c50ebab0eff749dbe1b66d9

    • SHA512

      c56efc13b8eb1fad1f0229545796dedc481956ab838d887f40c22aa5485cd6e9f42d0ee53789fea442ab8f0f482f51769fe6872231a868b7496698c0e3363d5b

    • SSDEEP

      384:deeesCIJFz+kLei81Xv8cQtVfX/beyXSwtvT2GHt53AQ8trr33m0JJ7b80mmTqik:deeesCIJFz+kLei81Xv8cQtVfX/beyXy

    Score
    1/10
    behavioral10behavioral9

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/固驿片区底商数据规划.xlsx

    • Size

      11KB

    • MD5

      82b868503f48ee5743ca8c0487924ddb

    • SHA1

      08cb5b06da1049b08a2db647e7ccf794c21ce17b

    • SHA256

      3f87fc00a0098a44f28968f9f897dcac39eea227aa9605d8e8062c0b37d37a02

    • SHA512

      65dee39d7020023407c2d39a3846bd8170ff4ccc433613672afae6459889ff263ef3ff6fdab35b3744a9d0653f57087ef7248508a0035ee0f1e390c5d761acb3

    • SSDEEP

      192:8RuQ59vSKiHBNUgdRhjal3zkjX3zk3aovnaUV8IsCieMfsl7peu9Jy8ij+:O5lSHnOljkjXjk3ao/VTMfsX+8p

    Score
    1/10
    behavioral11behavioral12

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/外线/光纤调度反馈表-邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街).xls

    • Size

      33KB

    • MD5

      d68ead432728c8d60eb155ac049d0ea2

    • SHA1

      8c7160867f0449792701eab7085da508af72d210

    • SHA256

      9a01e9890a558cff0f9abbb52de65bece3090e26094d9e953ff9f366c98ad050

    • SHA512

      2f85237e8d02e6129b4b8eb4dc3df22ba258aa6e4149b0ce82bfd619d51fa3997d631f3adedbb62ec730b95b4933bf82b491088e722f7a628fc356c09e4fa6b6

    • SSDEEP

      768:x+++QYf8lX8zke1SPQJtXVfiLczbLsmIqqemqjvT2r7lo9DvTdDRbLbxXE32gFlY:x+++QYf8J8zke1SPQJtXVfiLczbLsmIi

    Score
    1/10
    behavioral13behavioral14

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/外线/光缆信息表-邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街).xls

    • Size

      21KB

    • MD5

      339ab1be2c9ae4f4e22429d8136bd512

    • SHA1

      b02ad2a0c25be9ebdca67ca0d8ad617901aa323c

    • SHA256

      382b00c83815012d6237b6ef5ea0dbf10ffedc67cead1c2b667bfc730d294715

    • SHA512

      606ec552b109fc3bba5da126f73bec54de600961657f19e0a5c7fc99876a6b4c038e75954929630ba7b25641355d2cfe630ce44884d13210025b993a7327b5b8

    • SSDEEP

      384:Ia+++zJet8kcSe8bv/1VMQPHCI06qq3vT2ujFkIfzS1PIShqbp4/gnX/KWX4/+o4:Ia+++zJet8kcSe8bv/1VMQPHCI06qq3t

    Score
    1/10
    behavioral15behavioral16

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/外线/光缆成端信息表-邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街).xls

    • Size

      20KB

    • MD5

      01c54b866dc7b9f2f9858b961c2cf0b2

    • SHA1

      928f5ca3e88a86e46ecbc0c0b72eb81488489daf

    • SHA256

      d01e6537b9314bda6ad8a5920b06213d6764b524acf020ebcefc0ebc811ee302

    • SHA512

      fac5ea64b665293d2a531b039e011881c96335321acee3e1047b52954434546c12449e7718a5b75312cb78f74ec44e56be3b9c10c91ab88ac4688a5e53449f44

    • SSDEEP

      384:LuuueQ8zS1t8cPvsezQbkVLfCqmqJvT2yIrN8AHbKdXAKte/l8bs0xP+Sj8baUfO:LuuueQ8zS1t8cPvsezQbkVLfCqmqJvTu

    Score
    1/10
    behavioral17behavioral18

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/外线/光缆接头信息表-邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街).xls

    • Size

      15KB

    • MD5

      1bce5f63538ceefc9c616aa84a9d7dfa

    • SHA1

      fe66bdbb6fc2478c907146fecbe39977058c2b9b

    • SHA256

      41a16d224dabd2f60693a16329b0758e293e4dd14907daca579ad5016871af66

    • SHA512

      66260577f172de40953e06ec2e3e95b18ad8bee1fad8bb77ec35b6c8b49563cbee592743af5b2716fc5583c5685d3661c75707269f6f37b81eb14fa8d75a4480

    • SSDEEP

      384:w+++zvJS8bQ8cVe1tes/PkHspWqq3vT20lDeCx1YzhCYhqbp4/eWPmKWX4/azmYR:w+++zvJS8bQ8cVe1tes/PkHspWqq3vTc

    Score
    1/10
    behavioral19behavioral20

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/外线/光缆预留信息表邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街).xls

    • Size

      15KB

    • MD5

      e8cccbcfde7c68559cfc86f7838a2c1e

    • SHA1

      b43176fbd2a7e833f331f636ea9d06a8465edfb9

    • SHA256

      7b99e1b5567102bbf2da12802bc68481bdd3a26e5d89e4edcb32242551ab4c6f

    • SHA512

      7473efff39dad61dfb0be0055afa6527b96cf56b429409c8b763d56ef444de22671c99a73cd500ba339129c8cca2f3ccf351ef0293a5000735dd7cb7d91e2b2c

    • SSDEEP

      384:1+++szJ8eS/8Hc1evtVbQPkpWqIq3vT2llDeCx1YzhCY8jiktmbwlIDvetmVgmYF:1+++szJ8eS/8Hc1evtVbQPkpWqIq3vTs

    Score
    1/10
    behavioral21behavioral22

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/外线/管道信息表(无).xls

    • Size

      16KB

    • MD5

      596e940142cbaefcaf5eb61b6179c1bc

    • SHA1

      177c7e1c22efa6660771cc5748fcca1813d68fb1

    • SHA256

      1d57f28bc2209498e1d88b9a6860386ab5b0eaee21b4bd7905e10e59b11c3632

    • SHA512

      84ea9bf63a4277688958c60e04992b0369775bb9aeb956aee750ee9fb7079ccd281010651b6bfe253dbff0db6959a279decbd3e6e092580f5b3c7c25b1d50afc

    • SSDEEP

      384:feeeSz8tV8e1r/vcHPkJQbQCpesq3vT2yTQKX7MgN687N8jiktmybU0DvetmAnmC:feeeSz8tV8e1r/vcHPkJQbQCpesq3vTr

    Score
    1/10
    behavioral23behavioral24

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/外线/管道资源施工反馈表(无).xls

    • Size

      19KB

    • MD5

      b8a821f1f415904f3425796696c4bff5

    • SHA1

      1c4a9f3d5089d1f756d27ccf491de133a70eb19e

    • SHA256

      0d3592ee31e2bd614397af3463d61ca631cd51c312097edea0c4b9c9523c675b

    • SHA512

      d6749435eb439edbeba57fb9ce79f3cfe56bf90ad428442493f7c49a13d7a3864f6e6f6eae1bfcdc5badc3c086e72c920fcfbaed40820305ac1d6fed0ca0e2dd

    • SSDEEP

      384:VSeeezQ8JcSkbs1QPv8VtefCqJvT2R4SPTUoFikTFhqbp4/gJHWKWX4/J9mYq8E+:VSeeezQ8JcSkbs1QPv8VtefCqJvT2U3P

    Score
    1/10
    behavioral25behavioral26

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/线路验收汇总表邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街).xls

    • Size

      15KB

    • MD5

      c866b5d2f613e5166a17cfa43cb50376

    • SHA1

      25c971856b40b7a9411cc37b153efa0ad1af9ff8

    • SHA256

      5e131baa32d05fa50269f88f0c2ee887f29f6843b1ec66faddaf7a3cf8e87bad

    • SHA512

      901404e5a8da136aa59ba5abf4d23b70ed1b511f0268f738ec4f2ab0e22e82b6e3411e8fc380b7c60119f2453b70516f5a923146c97a09c79aae678f33a3597a

    • SSDEEP

      384:seeemCOiq6QJ1zS8c8ebskvtQPVetvT21fPB4UT/+RjU+0bqs1ev5ha7Hm1eaUmt:seeemCOiq6QJ1zS8c8ebskvtQPVetvT6

    Score
    1/10
    behavioral27behavioral28

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/传输工程光缆线路验收表邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街).xls

    • Size

      21KB

    • MD5

      d6fccfb97fc3c8fc1abda81e2d144e18

    • SHA1

      7aa1ce75eaa845977232e86d9921e57a6b0e6b3a

    • SHA256

      0d227d25226dcf90071593fb0bd3428d05c820faf9b9d4c83c135a0fb77a5d08

    • SHA512

      973086b350c4cc1190727efd6941eb5cced475aa00889b344cc6912822ba34c7b3f2adc82cdbfcdb7ba1dda9900f4ea59e9905e1aa2344b404ac7eeb9cb779f1

    • SSDEEP

      384:geeeqXW6QzJ818eScQtvVPkbsCetvT2ohvyOVRE/lOE4XmQhi2fBq3LqhiVDMcmQ:geeeqXW6QzJ818eScQtvVPkbsCetvT22

    Score
    5/10

    • Drops file in System32 directory

    behavioral29behavioral30

    • Target

      邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/邛崃市固驿片区底商(正街133#附1#、建设街101#、金竹街)/内线/固驿片区底商数据规划.xlsx

    • Size

      10KB

    • MD5

      600a8e2ea3e55f6e0772fcebd559c8c6

    • SHA1

      e1dc0416d3460e84ab606b24c623ff959b899407

    • SHA256

      31e768f03b8229e88b2290d4ad1ad8a3e5e8964ae56772fdcb8134d8c4816acf

    • SHA512

      c45220c03f431004a0308a0ac787962af3699c4f6ba4c7cf38b9f3310fec8f249a56b73c3b85c91271b46bfd9cb9ca3a880f7ebab7704224460f63081e9ba0e5

    • SSDEEP

      192:kQAlnRFzmwB1A6PSBgl5LbIzm728w6eCYcTktKyzBADs:kQAlnRF3K5Bgl5LbcmKhfcTKas

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v6

Tasks