General
Target: Purchase Order.zip
Size: 545KB
Sample: 230125-l83v2ahd2v
MD5: cc5b16d73491511b74c196b841d9b7fb
SHA1: a6731183befd09e6c6970d950b756ea1c3be16a6
SHA256: 818e0bab11bfd5cd7c55356efce17fe8c2024a193d968cfb18f70d15a0d12951
SHA512: a515fffd72b3e5dfdf264d70e2f012256946b56337224c1ef64ea99d72d11d33bc7334e466aab3da0abeca72aa44e912b568a1d1031e318d569c60c9cdfbe611
SSDEEP: 12288:bpyUo7l/0EfmW6Nem8pjq0/6P2XwXu4y/KF/+Ht/KmPW9uj8:Y0yaNemGqK6PWAubw89LbY
Static task: static1
Behavioral task: behavioral1
Sample: Purchase Order.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: Purchase Order.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: Purchase Order.exe
Size: 615KB
MD5: ec15ab6bec865de98d39f4ab8e73fe1b
SHA1: 95e0fb211f31673dd6f9f4e74360b184250d3fde
SHA256: f56c8e197bbe551942b7e01808646b1ccbb01e8d43fc2ba3e5a6017e40e8e1d4
SHA512: 04efb4548509befdcf4a0dd5e61a9e46d9313aeae82f9779d7e2edae8f2f42f058945cf89871f382f1e1b96f065a07e3189a7edd039eb53a7640fe7afd8ccc82
SSDEEP: 12288:OmCglZ6MneQ8/aR/O11EqQNIAW8FzQS/dlf2XwE7jo9av/Ksq/Ks6/Ks:tRKAKihcYNrWKQkddW/3OOiS
Score: 7/10
Uses the VBS compiler for execution
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext