General
Target: UPDATED ORDER.docx.zip
Size: 7KB
Sample: 230216-sq122shg8v
MD5: ed282229775b9e6f07d7663c353684eb
SHA1: f3877603cd65b288d89ea3b848a175e1a31f73bf
SHA256: e2d05d32d5072991f4ecf2e808e70648d98cf019fb49eca37634c510c5736b03
SHA512: 646b04afe928ae0434fe0bf90fd531d5277e91afb7c5803fae2b2dfbb9dc9308fa9970c290ac11bd68e8da214b8e16fa1c068c6f47f87bed5944233903daa202
SSDEEP: 192:aJeHLmAR4Nh1/8PT3rslmxeBxPME12BUZiYd9VY:CeH54Nh1cslmaPME4BciM9VY
Static task: static1
Behavioral task: behavioral1
Sample: UPDATED ORDER.docx
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: UPDATED ORDER.docx
Resource: win10v2004-20220901-en
Malware Config
Extracted
http:/QQQQWWWWQWWWWQWWQWQWQWQQWQWQQWQWQWQWQWQWQWQQQQQQQQOQQQQQOOOOOOOOQOQQQQOQOQOQOQOQOQQWWWWQWQWQWQWQWQWQWQWQQWQ@3118348624/O_O.DOC
Targets
Target: UPDATED ORDER.docx
Size: 10KB
MD5: 045c9a932ad454a9c226e146d761b284
SHA1: eba9136f2eb1eef380b1dcdd3745f3ddb3631613
SHA256: 59087ec2fbf8340268cd3aeeed9e4f3bd107cd2c1852a074f38e3723dfa7cf00
SHA512: 19fc83fcdee224b4e64a5b333ce732a1bdbc8c086ac2d41a26e00c77dbf6bc22c34637936d8acf1cac4bc0a67ac3012713f432ce147a6137b13382a57579380b
SSDEEP: 192:ScIMmtP5hG/b7XN+eO4DAO+5+5F7Jar/YEChI3nPV:SPXRE7XtO4DA7wtar/YECOnN
Score: 8/10
Blocklisted process makes network request
Downloads MZ/PE file
Abuses OpenXML format to download file from external location
Executes dropped EXE
Loads dropped DLL
Uses the VBS compiler for execution