General
Target
20899b27a51843830df2084dce88cc97d752a7e2dd1a64ad3238080a145fceaf.zip
Size
7KB
Sample
230308-nes5vafd2s
MD5
876d2e840b9c1935c720e7b2e99f2617
SHA1
6777d0073f5074737086cfb85b09f913f71becd6
SHA256
7824023fb8fd0606c37c13e271456d5eeae5eb834f18f5b8f397c2105812da3f
SHA512
23e5a76d5844996b2d082b94b74614aaac4049f9bf0293e64e918b09a761e8a5597a53151ba25ea72a60a916143d283833221dd9cf10dc43f30123041182f194
SSDEEP
192:ZSGOgM8VZjYvMk2sWyAkKSUKPtDeE/f0PMU9KieF/nfOq1JKe:ZSFgM8/YvZey/KQDeXPMUU5tnj1Ee
Static task
static1
Behavioral task
behavioral1
Sample
20899b27a51843830df2084dce88cc97d752a7e2dd1a64ad3238080a145fceaf.docx
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
20899b27a51843830df2084dce88cc97d752a7e2dd1a64ad3238080a145fceaf.docx
Resource
win10v2004-20230221-en
Malware Config
Extracted
http://WWWEEEEERWEEWWWE0E090W0DDF0F9S0WEWRWQQQ09EW0QQQQQQQQQQQ09W9WEREWRRRRRRRR090R00R2333RERERZZZZ090ZXXX0XXXXXX00XX@392095676/31.31.31.doc
Targets
Target
20899b27a51843830df2084dce88cc97d752a7e2dd1a64ad3238080a145fceaf.doc
Size
10KB
MD5
f300f686821deba927b954a36cb74874
SHA1
1c076c17f47e2942035fcf63709aa85213c4f83d
SHA256
20899b27a51843830df2084dce88cc97d752a7e2dd1a64ad3238080a145fceaf
SHA512
7ddb21922884a405da9a865953c767eafec3ee2ea60b39de3388319cff15d74f11818e391823a42a38729bf973cb86edaee7fe503e7ed75da8d3cd728bcd0e68
SSDEEP
192:ScIMmtP1aIG/bslPL++uOAl+CVWBXJC0c3De:SPXU/slT+LOAHkZC9q
Score 8/10
Blocklisted process makes network request
Downloads MZ/PE file
Abuses OpenXML format to download file from external location
Executes dropped EXE
Loads dropped DLL
Uses the VBS compiler for execution
Drops file in System32 directory