General
Target: Payment.docx.doc
Size: 10KB
Sample: 230216-nkzvkshc84
MD5: 8d85d75b8789542275b8c85e25e04a32
SHA1: f41f9fa9dc5cc1dbea292c1df3e8d782e4e794a6
SHA256: a99b1a18139506f5cf6a7dcaa6715090381720ace26899d4b664ec00ea95cac2
SHA512: 0de62e75ed1154bd556a245b0bd84817da5d9cde2c63683fd3d09ff80748c56b3565a8c6d0825ef1b76204f9ba9191a57aea37fcb69381351112bf66de17c6d5
SSDEEP: 192:ScIMmtP5hG/b7XN+eOb3O+5+5F7Jar/YEChI32x:SPXRE7XtOj7wtar/YECOy
Static task: static1
Behavioral task: behavioral1
Sample: Payment.docx
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: Payment.docx
Resource: win10v2004-20220901-en
Malware Config
Extracted
http:/QQQQWWWWQWWWWQWWQWQWQWQQWQWQQWQWQWQWQWQWQWQQQQQQQQOQQQQQOOOOOOOOQOQQQQOQOQOQOQOQOQQWWWWQWQWQWQWQWQWQWQWQQWQ@3118348624/OO.DOC
Targets
Target: Payment.docx.doc
Score: 8/10
Blocklisted process makes network request
Downloads MZ/PE file
Abuses OpenXML format to download file from external location
Executes dropped EXE
Loads dropped DLL
Uses the VBS compiler for execution