Overview

overview

8

Static

static

1

scan-75748595.docx

windows7-x64

8

scan-75748595.docx

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    scan-75748595.docx.doc

  • Size

    10KB

  • Sample

    230719-hh292ahb3w

  • MD5

    e539fd8fa4abe006c864acfb5018a463

  • SHA1

    d3b2dbb022a2ae4ac1cf9dc9eeca770c180ae6e4

  • SHA256

    8594206acf3c9774c30220d3d9c3bb9f2e2e26faab7b7e8faff25d2087bcfcb1

  • SHA512

    5fb3cabf2e428445ca6191fcb6219b6f582f1825733dbfa34e98014cb9cc9b534aa8626d03d2568b2cf33263e6c8b503ce95bc4325b244d6d1b375a61cf68522

  • SSDEEP

    192:yya0NqsreWwARgZVPCK44AG9xXSJ+Ej7uJYcKwRKmfSWYKcWemF9cY:yyXqsreWwANK4499xXSJf7uJYcjxYKdX

Score
8/10

Malware Config

Targets

    • Target

      scan-75748595.docx.doc

    • Size

      10KB

    • MD5

      e539fd8fa4abe006c864acfb5018a463

    • SHA1

      d3b2dbb022a2ae4ac1cf9dc9eeca770c180ae6e4

    • SHA256

      8594206acf3c9774c30220d3d9c3bb9f2e2e26faab7b7e8faff25d2087bcfcb1

    • SHA512

      5fb3cabf2e428445ca6191fcb6219b6f582f1825733dbfa34e98014cb9cc9b534aa8626d03d2568b2cf33263e6c8b503ce95bc4325b244d6d1b375a61cf68522

    • SSDEEP

      192:yya0NqsreWwARgZVPCK44AG9xXSJ+Ej7uJYcKwRKmfSWYKcWemF9cY:yyXqsreWwANK4499xXSJf7uJYcjxYKdX

    Score
    8/10

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Abuses OpenXML format to download file from external location

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks