66ec2ab15339cd87a85251ab25ce2f9c72ea07f3e9368b3c11833664a6d76d7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO.xls
Size

1.1MB
Sample

221129-hzdyrsfh94
MD5

0e425718e0b9018466cb365ebef6849f
SHA1

0a169482aa9b5fd97ba06168632a392af9ea0baf
SHA256

66ec2ab15339cd87a85251ab25ce2f9c72ea07f3e9368b3c11833664a6d76d7b
SHA512

b05fa84444bf7c490ec2b65c682c4579f0fd1c0cf7ecaf865cf379559e1834472e4831a5df1b257bdcfba9f950dcac43f573fc9f46d228c92daeb510e7cabaff
SSDEEP

24576:/yDr5XXXXXXXXXXXXUXXXXXXXSXXXXXXXXmmkr5XXXXXXXXXXXXUXXXXXXXSXXXH:06BK0pR

Score

8^/10

Malware Config

Targets

- Target
  
  PO.xls
- Size
  
  1.1MB
- MD5
  
  0e425718e0b9018466cb365ebef6849f
- SHA1
  
  0a169482aa9b5fd97ba06168632a392af9ea0baf
- SHA256
  
  66ec2ab15339cd87a85251ab25ce2f9c72ea07f3e9368b3c11833664a6d76d7b
- SHA512
  
  b05fa84444bf7c490ec2b65c682c4579f0fd1c0cf7ecaf865cf379559e1834472e4831a5df1b257bdcfba9f950dcac43f573fc9f46d228c92daeb510e7cabaff
- SSDEEP
  
  24576:/yDr5XXXXXXXXXXXXUXXXXXXXSXXXXXXXXmmkr5XXXXXXXXXXXXUXXXXXXXSXXXH:06BK0pR
Score

8^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2