835954a8c5dfc1654c3f44a88d96a7ce3653c40448d68cf7772faf4ddb74b9d4 | Triage

Submit
Reports

Overview

overview

8

Static

static

835954a8c5...d4.exe

windows7-x64

8

835954a8c5...d4.exe

windows10-2004-x64

8

Sharing

General

Target

835954a8c5dfc1654c3f44a88d96a7ce3653c40448d68cf7772faf4ddb74b9d4
Size

1.4MB
Sample

221127-xbtrmsea5v
MD5

0567bfb2eef3409ab528c5ee0e59e4fe
SHA1

aacc14fe1d94ef9fb521c0bace66515d2c78b098
SHA256

835954a8c5dfc1654c3f44a88d96a7ce3653c40448d68cf7772faf4ddb74b9d4
SHA512

7ccb62504252754d9c701a8f7cb4a0aaa4049d99fa43fa62c91bbc361db165e7f6f3d78fbbc25bab6a064d799077d0544586e8efd544c376e7de7c819475de54
SSDEEP

24576:AIR+8WbmTKZ8TYlJQF3IR+8WbmTKZ+60UZX:AIiMYnQF3IifdZX

Score

8^/10

macro macro_on_action

Static task

static1

Behavioral task

behavioral1

Sample

835954a8c5dfc1654c3f44a88d96a7ce3653c40448d68cf7772faf4ddb74b9d4.exe

Resource

win7-20220812-en

macro macro_on_action

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

835954a8c5dfc1654c3f44a88d96a7ce3653c40448d68cf7772faf4ddb74b9d4.exe

Resource

win10v2004-20221111-en

macro macro_on_action

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  835954a8c5dfc1654c3f44a88d96a7ce3653c40448d68cf7772faf4ddb74b9d4
- Size
  
  1.4MB
- MD5
  
  0567bfb2eef3409ab528c5ee0e59e4fe
- SHA1
  
  aacc14fe1d94ef9fb521c0bace66515d2c78b098
- SHA256
  
  835954a8c5dfc1654c3f44a88d96a7ce3653c40448d68cf7772faf4ddb74b9d4
- SHA512
  
  7ccb62504252754d9c701a8f7cb4a0aaa4049d99fa43fa62c91bbc361db165e7f6f3d78fbbc25bab6a064d799077d0544586e8efd544c376e7de7c819475de54
- SSDEEP
  
  24576:AIR+8WbmTKZ8TYlJQF3IR+8WbmTKZ+60UZX:AIiMYnQF3IifdZX
Score

8^/10

macro macro_on_action
- Office macro that triggers on suspicious action
  Office document macro which triggers in special circumstances - often malicious.
  macro macro_on_action
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

macromacro_on_action

behavioral2

macromacro_on_action

© 2018-2024

Terms | Privacy