a1e17a1672d4cf06b3bc45cd8001d918d5a11267378a6764b5ee871d45655af9 | Triage

Submit
Reports

Overview

overview

Static

static

8

a1e17a1672...9.xlsb

windows7-x64

a1e17a1672...9.xlsb

windows10-2004-x64

Sharing

General

Target

a1e17a1672d4cf06b3bc45cd8001d918d5a11267378a6764b5ee871d45655af9
Size

18KB
Sample

221130-ta57hagc71
MD5

63b8cccfebccb79a7bdb7e873e73e136
SHA1

6fe7e733d69cb912e35913f83abfb354a6e772cd
SHA256

a1e17a1672d4cf06b3bc45cd8001d918d5a11267378a6764b5ee871d45655af9
SHA512

8485416a7d62b8594cea5fba3c78e75d19994e7de6d146d2bff352ce9f670a9005cf666084bd60af9f1a1af698efe531df276c5ecefda890eef0f6d037c1b627
SSDEEP

384:Lka8qJPfSMB419RZAh6sIj8l7P3VEyoROGva81:34ow9RZmpm85Sdv11

Score

10^/10

macro

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a1e17a1672d4cf06b3bc45cd8001d918d5a11267378a6764b5ee871d45655af9.xlsb

Resource

win7-20221111-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

a1e17a1672d4cf06b3bc45cd8001d918d5a11267378a6764b5ee871d45655af9.xlsb

Resource

win10v2004-20220901-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://fast-cargo.com/images/file/vb/7.vbs

Targets

- Target
  
  a1e17a1672d4cf06b3bc45cd8001d918d5a11267378a6764b5ee871d45655af9
- Size
  
  18KB
- MD5
  
  63b8cccfebccb79a7bdb7e873e73e136
- SHA1
  
  6fe7e733d69cb912e35913f83abfb354a6e772cd
- SHA256
  
  a1e17a1672d4cf06b3bc45cd8001d918d5a11267378a6764b5ee871d45655af9
- SHA512
  
  8485416a7d62b8594cea5fba3c78e75d19994e7de6d146d2bff352ce9f670a9005cf666084bd60af9f1a1af698efe531df276c5ecefda890eef0f6d037c1b627
- SSDEEP
  
  384:Lka8qJPfSMB419RZAh6sIj8l7P3VEyoROGva81:34ow9RZmpm85Sdv11
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy