515763f1332d79dd6fee5b07406230ba63985a00f4c68002480c2ffc9eaa4e2f | Triage

Submit
Reports

Overview

overview

Static

static

1

P.O no. MG...23.rtf

windows7-x64

P.O no. MG...23.rtf

windows10-2004-x64

1

Sharing

General

Target

P.O no. MGE-WJO 900622023.doc
Size

256KB
Sample

230510-xgb4sabe5t
MD5

3424cfffafbf86f25d6164cb52241760
SHA1

d1a18db163281b84c296e4d10c1ce175a0ab3769
SHA256

515763f1332d79dd6fee5b07406230ba63985a00f4c68002480c2ffc9eaa4e2f
SHA512

e71dced2ecede284e8351afaf8bf26868e7e324411fc4516386f0d8c111e59131efd82963f7a3f7cae5bcda8d983a76f396cdaee894ce560f31eef567f40008f
SSDEEP

3072:GLQg8/QZrZhrVOY2VaCMPyabGFhWLMaxYzLfm0qsq:GP8YNrVJ28CMPdGFhaMayfmln

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

P.O no. MGE-WJO 900622023.rtf

Resource

win7-20230220-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

P.O no. MGE-WJO 900622023.rtf

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

http://172.174.176.153/dll/new_rump_vb.net.txt

Targets

- Target
  
  P.O no. MGE-WJO 900622023.doc
- Size
  
  256KB
- MD5
  
  3424cfffafbf86f25d6164cb52241760
- SHA1
  
  d1a18db163281b84c296e4d10c1ce175a0ab3769
- SHA256
  
  515763f1332d79dd6fee5b07406230ba63985a00f4c68002480c2ffc9eaa4e2f
- SHA512
  
  e71dced2ecede284e8351afaf8bf26868e7e324411fc4516386f0d8c111e59131efd82963f7a3f7cae5bcda8d983a76f396cdaee894ce560f31eef567f40008f
- SSDEEP
  
  3072:GLQg8/QZrZhrVOY2VaCMPyabGFhWLMaxYzLfm0qsq:GP8YNrVJ28CMPdGFhaMayfmln
Score

10^/10
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy