General

  • Target

    pago_USD_63738.xlam

  • Size

    585KB

  • Sample

    230817-w5kv6adg4t

  • MD5

    871cbe0e041b5e36ce3c22398bef5cea

  • SHA1

    4c40e86464552f32255473e2d7ee34a8af838386

  • SHA256

    b447b219de2202a76d19369d4714c191e9f13035ba8b1377136d4ae7fb9ebf09

  • SHA512

    6c23b274c72cf41561fc80d0ce25d2d1bef4496e79b8a00e01210e8ab5fad8fd619ef29406ebd8bf4dea3bdf175fa8753eda4927e006a0ab63a0690288a0d2fa

  • SSDEEP

    12288:XF7AOEmhGY226odn9rZHgL3Tz6jxsboLh50wG8cabSgltcRuOrF:YmhGY22v9rZHgL3Sjx64jjG8zhvMVrF

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

    URLs

  • ps1.dropper

    https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

  • exe.dropper

    https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

Targets

    • Target

      pago_USD_63738.xlam

    Score
    10/10
    • Blocklisted process makes network request

    • Drops startup file

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks