General

  • Target

    a2f07c6892b95212c64a850f56a43b73fc5dc34b9efb2fcf14598442196cf29b

  • Size

    24KB

  • Sample

    221128-d6agpsca39

  • MD5

    41e4704e3df740dd52892e2a8050a184

  • SHA1

    d28771e1d01e02639ef5265ed774824bdbcd8b74

  • SHA256

    a2f07c6892b95212c64a850f56a43b73fc5dc34b9efb2fcf14598442196cf29b

  • SHA512

    0e70b94526d48235d06c9a87e9a19f6f69af1f9bbf4e3787281676320b119061590dbebf75be40a0e252f4432a3b164db24a2f2a416e6a15cd2763eeab1297b2

  • SSDEEP

    384:0Cdfgra/RjfuFsp9ZpaAvmODnLy3PuBHmbPFdGDCnZ21OP:mra/ci7ZpxmwLQuBMPvGDzO

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

  • URLs

    exe.dropper
    http://danidata.dk/js/bin.exe

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Matrix ATT&CK v6

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 3
    System Information Discovery (T1082): 4
    Remote System Discovery (T1018): 1
