General
-
Target
045c9a932ad454a9c226e146d761b284_UPDATED ORDER.docx.doc
-
Size
10KB
-
Sample
230216-qgm3qahc5s
-
MD5
045c9a932ad454a9c226e146d761b284
-
SHA1
eba9136f2eb1eef380b1dcdd3745f3ddb3631613
-
SHA256
59087ec2fbf8340268cd3aeeed9e4f3bd107cd2c1852a074f38e3723dfa7cf00
-
SHA512
19fc83fcdee224b4e64a5b333ce732a1bdbc8c086ac2d41a26e00c77dbf6bc22c34637936d8acf1cac4bc0a67ac3012713f432ce147a6137b13382a57579380b
-
SSDEEP
192:ScIMmtP5hG/b7XN+eO4DAO+5+5F7Jar/YEChI3nPV:SPXRE7XtO4DA7wtar/YECOnN
Malware Config
Extracted
http:/QQQQWWWWQWWWWQWWQWQWQWQQWQWQQWQWQWQWQWQWQWQQQQQQQQOQQQQQOOOOOOOOQOQQQQOQOQOQOQOQOQQWWWWQWQWQWQWQWQWQWQWQQWQ@3118348624/O_O.DOC
Targets
-
-
Target
045c9a932ad454a9c226e146d761b284_UPDATED ORDER.docx.doc
-
Size
10KB
-
MD5
045c9a932ad454a9c226e146d761b284
-
SHA1
eba9136f2eb1eef380b1dcdd3745f3ddb3631613
-
SHA256
59087ec2fbf8340268cd3aeeed9e4f3bd107cd2c1852a074f38e3723dfa7cf00
-
SHA512
19fc83fcdee224b4e64a5b333ce732a1bdbc8c086ac2d41a26e00c77dbf6bc22c34637936d8acf1cac4bc0a67ac3012713f432ce147a6137b13382a57579380b
-
SSDEEP
192:ScIMmtP5hG/b7XN+eO4DAO+5+5F7Jar/YEChI3nPV:SPXRE7XtO4DA7wtar/YECOnN
Score8/10-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Abuses OpenXML format to download file from external location
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-