563b8804db86f842d0cd46ff0129a877271e8145f2bbc8eca6ba6106f7a0afd9 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

ECEC21BC45...C9.exe

windows7-x64

8

ECEC21BC45...C9.exe

windows10-2004-x64

7

Sharing

General

Target

ECEC21BC458DA2A9F57365C6B937A4C9.exe
Size

1.8MB
Sample

230316-vd64msbh77
MD5

ecec21bc458da2a9f57365c6b937a4c9
SHA1

755ef702c8b7da9312f696788f333292a51f2d48
SHA256

563b8804db86f842d0cd46ff0129a877271e8145f2bbc8eca6ba6106f7a0afd9
SHA512

65bd4598ff7c9afb809eee70a4250e5dafbacbb624ffcc8534d2127c837e8ac9c70fbedbb1cbd90d95b33c469dea2eb0183d3fb57e5e0d966e2972d7243586aa
SSDEEP

49152:5akK7v1gAdM+m+s2jkeMci3ZbfC5S+mti1N7048oBbdTuCg353u9TDam:Q57vqFEsEMci3ZbfCB1N70yu/A93

Score

8^/10

discovery macro macro_on_action

Static task

static1

Behavioral task

behavioral1

Sample

ECEC21BC458DA2A9F57365C6B937A4C9.exe

Resource

win7-20230220-en

discovery macro macro_on_action

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

ECEC21BC458DA2A9F57365C6B937A4C9.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  ECEC21BC458DA2A9F57365C6B937A4C9.exe
- Size
  
  1.8MB
- MD5
  
  ecec21bc458da2a9f57365c6b937a4c9
- SHA1
  
  755ef702c8b7da9312f696788f333292a51f2d48
- SHA256
  
  563b8804db86f842d0cd46ff0129a877271e8145f2bbc8eca6ba6106f7a0afd9
- SHA512
  
  65bd4598ff7c9afb809eee70a4250e5dafbacbb624ffcc8534d2127c837e8ac9c70fbedbb1cbd90d95b33c469dea2eb0183d3fb57e5e0d966e2972d7243586aa
- SSDEEP
  
  49152:5akK7v1gAdM+m+s2jkeMci3ZbfC5S+mti1N7048oBbdTuCg353u9TDam:Q57vqFEsEMci3ZbfCB1N70yu/A93
Score

8^/10

discovery macro macro_on_action
- Office macro that triggers on suspicious action
  Office document macro which triggers in special circumstances - often malicious.
  macro macro_on_action
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverymacromacro_on_action

behavioral2

© 2018-2024

Terms | Privacy