General
-
Target
new-order PI-No202307110.XLS.docx
-
Size
11KB
-
Sample
230808-klbbtsda7z
-
MD5
ed203e9a95bb5aed220c02e3e41840aa
-
SHA1
5b90a10971c35a3f45e58e122c0e25e4049cbb98
-
SHA256
4338ea7febcb6a73ff3a463dc3ff90d8330bfd2cd6d5f760dfe5516c74bdba69
-
SHA512
9aeafbe447f47a30ebea465fc759f5dc27fb18c49ac5ff34d23075f04f4943f2f95a56a462840c0e12a5636b1cf937308f8041359bc43a00c9e34e5f3cf3c2be
-
SSDEEP
192:mya0NnReBWk4N5eNA2A+EnVs+mg1SoBOJYaO36PvdrK16LvnY93cWeszUyDjB:myXnReBWku5+A2bkBdBOJYaOqPg6Lw9Z
Static task
static1
Behavioral task
behavioral1
Sample
new-order PI-No202307110.XLS.docx
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
new-order PI-No202307110.XLS.docx
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
new-order PI-No202307110.XLS.docx
-
Score
10/10
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-