Resubmissions

19-03-2023 18:05

230319-wpjcdsbf4x 10

04-07-2022 18:06

220704-wprzjaaegl 10

General

  • Target

    MV. NEW BRIDGE (EX THORCO SVENDBORG)..xll

  • Size

    1.7MB

  • Sample

    230319-wpjcdsbf4x

  • MD5

    e772d046be7fbfbe96e90eca5ab20566

  • SHA1

    286d9bcf13c0cb309f9041f2ea03e5ce99848669

  • SHA256

    92c7146dd4dd24206b2c0b9dee831bdd772eced8b8d5c67b3b73e31bababea82

  • SHA512

    4c79623f6c7c557169da85715e69f387ef2d98a16ab35516768ef921e65e791d1301d2574a6703b1e7c9fb6902d69bef341908294ba31469e57321533de70103

  • SSDEEP

    24576:G7wsfP/WNl5dgI/XvETj7g+bWfqHnm9yX1eeXqmqBXQ:G7T3WNdnn+gryHnmqXqm

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Loads dropped DLL

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks