General
-
Target
2313.docx
-
Size
10KB
-
Sample
230215-wvz74ada4w
-
MD5
253d6b141a5a985f978106a7d58a42df
-
SHA1
41702863a0540a764ecbbdb82c868d916af650c6
-
SHA256
d8575bd0c37f55d47438827c191ede404b8e8f764cb5a4d288322692715a423f
-
SHA512
53fa8efc63978e1a7ded63a688533002c6cbc11d2529d167a6a232acbf9fa901568fc42401d21f9d284dc08e4ccccf7439ab29e349100994d9d798fe4c4e0e0d
-
SSDEEP
192:ScIMmtP5hG/b7XN+eOzO+5+5F7Jar/YEChI32x:SPXRE7XtOz7wtar/YECOy
Static task
static1
Behavioral task
behavioral1
Sample
2313.docx
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
2313.docx
Resource
win10v2004-20220812-en
Malware Config
Extracted
http:/QQQQWWWWQWWWWQWWQWQWQWQQWQWQQWQWQWQWQWQWQWQQQQQQQQOQQQQQOOOOOOOOQOQQQQOQOQOQOQOQOQQWWWWQWQWQWQWQWQWQWQWQQWQ@2901773865/O.DOC
Targets
-
-
Target
2313.docx
-
Size
10KB
-
MD5
253d6b141a5a985f978106a7d58a42df
-
SHA1
41702863a0540a764ecbbdb82c868d916af650c6
-
SHA256
d8575bd0c37f55d47438827c191ede404b8e8f764cb5a4d288322692715a423f
-
SHA512
53fa8efc63978e1a7ded63a688533002c6cbc11d2529d167a6a232acbf9fa901568fc42401d21f9d284dc08e4ccccf7439ab29e349100994d9d798fe4c4e0e0d
-
SSDEEP
192:ScIMmtP5hG/b7XN+eOzO+5+5F7Jar/YEChI32x:SPXRE7XtOz7wtar/YECOy
Score8/10-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Abuses OpenXML format to download file from external location
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-