e95ba35b4f674a525cbe1a09935db84ea766bad5257486c5ace7dc892e7e9baa | Triage

Submit
Reports

Overview

overview

Static

static

8

PURCHASEORDER....xls

windows7-x64

PURCHASEORDER....xls

windows10-2004-x64

Sharing

General

Target

PURCHASEORDER....xls
Size

1.5MB
Sample

230324-hd3p1aeg7x
MD5

2c27d6fe88c0546e5de604ce50e3a83c
SHA1

3a68164d3171b661f4ed5dafbcd5e73812fd42fc
SHA256

e95ba35b4f674a525cbe1a09935db84ea766bad5257486c5ace7dc892e7e9baa
SHA512

65d5d7f8b89f688ebc4248ae985f169f4191c6a88189e8788ef285fbdabf6fbbe2424296543dd9b23f37775ea87d667006a05cdd632b5324a9bca883db956e94
SSDEEP

24576:52Tbq8KPsUGRoG1t6EWOEMhpaMNzl8raUtGCn113y4RzuCr2izm/EcUAbFNLGeue:Ev5K/G3v6EWxNMNzlMRtGCn113y4RaCY

Score

10^/10

macro macro_on_action

Static task

static1

macro macro_on_action

1 signatures

Behavioral task

behavioral1

Sample

PURCHASEORDER....xls

Resource

win7-20230220-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

PURCHASEORDER....xls

Resource

win10v2004-20230220-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  PURCHASEORDER....xls
- Size
  
  1.5MB
- MD5
  
  2c27d6fe88c0546e5de604ce50e3a83c
- SHA1
  
  3a68164d3171b661f4ed5dafbcd5e73812fd42fc
- SHA256
  
  e95ba35b4f674a525cbe1a09935db84ea766bad5257486c5ace7dc892e7e9baa
- SHA512
  
  65d5d7f8b89f688ebc4248ae985f169f4191c6a88189e8788ef285fbdabf6fbbe2424296543dd9b23f37775ea87d667006a05cdd632b5324a9bca883db956e94
- SSDEEP
  
  24576:52Tbq8KPsUGRoG1t6EWOEMhpaMNzl8raUtGCn113y4RzuCr2izm/EcUAbFNLGeue:Ev5K/G3v6EWxNMNzlMRtGCn113y4RaCY
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2024

Terms | Privacy