General
Target: proof of payment & invoice copy.docx.doc
Size: 10KB
Sample: 230130-j7bdaabc8y
MD5: 050e0cb03d4c8149ab1c2f38606fbcda
SHA1: 018af45ad250355375afe06b0036e4333bb620f5
SHA256: 98bfc226fd8e2e3c85804c39908a69d29cf80470797aaad99beb9f48aaf2daf6
SHA512: 8aef1f075e219e344d61b4d5eea5f3275d0f931ceb3b6933714f438a06a3b2918e28bb231a797f19c3c8667a30ac7985fbd94180b048bb081369ef25a0a77ce5
SSDEEP: 192:ScIMmtP5hG/b7XN+eOp8et9O+5+5F7Jar/YEChI31l:SPXRE7XtORj7wtar/YECOL
Static task: static1
Behavioral task: behavioral1
Sample: proof of payment & invoice copy.docx
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: proof of payment & invoice copy.docx
Resource: win10v2004-20220901-en
Malware Config
Extracted
http://dgdfghfjfghfghfghgfhfghfgsdgfggdfgdfgertdfgdfgdfg@3569425924/h.doc
Targets
Target: proof of payment & invoice copy.docx.doc
Score: 8/10
Blocklisted process makes network request
Downloads MZ/PE file
Executes dropped EXE
Abuses OpenXML format to download file from external location
Loads dropped DLL
Uses the VBS compiler for execution