General
Target: fdsff131.docx
Size: 10KB
Sample: 230131-nbkz3ahh31
MD5: 371a1e692de56e1513ef40c189d2127a
SHA1: f1d2458b41a032076dc514b900d6b478974149a3
SHA256: 629cd58bcd9079af6d9d67fa58270e634cc9b79b7b66e5504c92f1163f6f06f0
SHA512: c63ac451e5330fec104c4f7ca97f7938329809333e608ec8e1500bfa77430568744c0f64afcda551882c703fafc10dda8cfac98fda1a73bac6170ccb95ddbccd
SSDEEP: 192:ScIMmtP5hG/b7XN+eOs7O+5+5F7Jar/YEChI3s5:SPXRE7XtOs77wtar/YECOA
Static task: static1
Behavioral task: behavioral1
Sample: fdsff131.docx
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: fdsff131.docx
Resource: win10v2004-20220812-en
Malware Config
Extracted
http://dgdfgh0000000fjfghfghfgh000000000gfhfghfgs00000dgfggdfgdfgert0000000dfgdfgdfg@3569425924/__________________o.doc
Targets
Target: fdsff131.docx
Score: 8/10
Blocklisted process makes network request
Downloads MZ/PE file
Executes dropped EXE
Abuses OpenXML format to download file from external location
Loads dropped DLL
Uses the VBS compiler for execution