General
-
Target
39999753f89f21851b943b83359b3738e180129a239cc4e424ebb077ec738d2f.zip
-
Size
7KB
-
Sample
230217-2az99ahc6v
-
MD5
0712f75451381871c5e84b2c6ea9fe01
-
SHA1
9baaf615142297a98cda9f4a1c34aa0445bc686b
-
SHA256
85e2133d88759a371d666d28304d3a6431921a1023199ae0b14b9b94df9b3dab
-
SHA512
a6286ffb7493afa8caab8183a491e17b3749fc81e128eb941d14d4af50d2d08277449fadd6bc7090b29ccc3bee64f681d426a69a3fd23801d82277ab2e898bc8
-
SSDEEP
192:c9y/3NJ11ES+FAg0trruJvmE3y3hNGhx2139Xx7iu8FU27z5F:co/fUXaClz3yRAhx2139XxOu6P7
Static task
static1
Behavioral task
behavioral1
Sample
39999753f89f21851b943b83359b3738e180129a239cc4e424ebb077ec738d2f.docx
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
39999753f89f21851b943b83359b3738e180129a239cc4e424ebb077ec738d2f.docx
Resource
win10v2004-20220901-en
Malware Config
Extracted
http:/QQQQWWWWQWWWWQWWQWQWQWQQWQWQQWQWQWQWQWQWQWQQQQQQQQOQQQQQOOOOOOOOQOQQQQOQOQOQOQOQOQQWWWWQWQWQWQWQWQWQWQWQQWQ@1332625038/O.DOC
Targets
-
-
Target
39999753f89f21851b943b83359b3738e180129a239cc4e424ebb077ec738d2f.doc
-
Size
10KB
-
MD5
d7976a1b0ba9ef31b265e27f03cfc3b8
-
SHA1
1d0671fd17080358afc60b501d0d13b222628ac7
-
SHA256
39999753f89f21851b943b83359b3738e180129a239cc4e424ebb077ec738d2f
-
SHA512
1b6dd881fa1b0e68ff1715636182e9db0cb1a827dd8ca7cc029c863485c23d72938d838f67334dd8b3445f919371ed91b9b888e5702136087aa48c1188acb5c9
-
SSDEEP
192:ScIMmtP5hG/b7XN+eOneQjO+5+5F7Jar/YEChI3Lt:SPXRE7XtOP7wtar/YECO5
Score
8/10
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Abuses OpenXML format to download file from external location
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-