Overview

overview

10

Static

static

1

Notice of ...52.xls

windows7-x64

10

Notice of ...52.xls

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    Notice of arrival 05.05 LOG23752.xls

  • Size

    1.5MB

  • Sample

    230505-n6bpwaab89

  • MD5

    25fd5ba135a62005924ca984ff9fd306

  • SHA1

    b4f0b318cca52ba2cce82d54b7a14ca8a3b94104

  • SHA256

    c2cf4d03e70f3ad6b302df2ae9af7a3c0c2516eaff800446ecf05a8e5bc41d3f

  • SHA512

    930fe440c7923ffa87a0dbf4c7e81ab6f0de2814bc5b88d46ee53e3d62f232e96874243365656a803b5f5378302a21c77592b7b5aab516c316da75abe89ae0ad

  • SSDEEP

    24576:+LK3PYnjp//Tznjp//TVnjp//TAInjp//Tuwnjp//TbOlssss7y/HA:+LK3U/rZ/rX/rH/rJ/rbO9y

Score
10/10
phishing

Malware Config

Targets

    • Target

      Notice of arrival 05.05 LOG23752.xls

    • Size

      1.5MB

    • MD5

      25fd5ba135a62005924ca984ff9fd306

    • SHA1

      b4f0b318cca52ba2cce82d54b7a14ca8a3b94104

    • SHA256

      c2cf4d03e70f3ad6b302df2ae9af7a3c0c2516eaff800446ecf05a8e5bc41d3f

    • SHA512

      930fe440c7923ffa87a0dbf4c7e81ab6f0de2814bc5b88d46ee53e3d62f232e96874243365656a803b5f5378302a21c77592b7b5aab516c316da75abe89ae0ad

    • SSDEEP

      24576:+LK3PYnjp//Tznjp//TVnjp//TAInjp//Tuwnjp//TbOlssss7y/HA:+LK3U/rZ/rX/rH/rJ/rbO9y

    Score
    10/10
    phishing

    • Detected phishing page

      phishing

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks