d300bd3ed7461b1c05c983a03ab34d07e23f8233bebab33c52631303de624c1a

General

Target

NEW PO LIST 02009 GREEN VALLEY.xlam
Size

672KB
Sample

230825-wl1r9seb34
MD5

33e8fb7aa9f005ccb2e9fb681f087366
SHA1

b45c204899eb12874dca86cc7b4e12af7dbe5dba
SHA256

d300bd3ed7461b1c05c983a03ab34d07e23f8233bebab33c52631303de624c1a
SHA512

18750e93e945e3f850d314ab5c3f6eebeccf3c552b6da0fb5b195f17e6cdef96521535475c8a912ab8da570fc78228b7601dbe99ff4cff9853bb2f51a03e9d1e
SSDEEP

12288:d0dNkjFUgZAurY/a93VUmy8GQxMi4T+0J852WWqoq7lHoyPm3MywDcTYIj1CsB:2Eb0mycMiY+yI2WWylHo0mhYW19B

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

ps1.dropper

https://uploaddeimagens.com.br/images/004/559/510/original/rump_private.jpg?1690504129

exe.dropper

https://uploaddeimagens.com.br/images/004/559/510/original/rump_private.jpg?1690504129

Targets

- Target
  
  NEW PO LIST 02009 GREEN VALLEY.xlam
- Size
  
  672KB
- MD5
  
  33e8fb7aa9f005ccb2e9fb681f087366
- SHA1
  
  b45c204899eb12874dca86cc7b4e12af7dbe5dba
- SHA256
  
  d300bd3ed7461b1c05c983a03ab34d07e23f8233bebab33c52631303de624c1a
- SHA512
  
  18750e93e945e3f850d314ab5c3f6eebeccf3c552b6da0fb5b195f17e6cdef96521535475c8a912ab8da570fc78228b7601dbe99ff4cff9853bb2f51a03e9d1e
- SSDEEP
  
  12288:d0dNkjFUgZAurY/a93VUmy8GQxMi4T+0J852WWqoq7lHoyPm3MywDcTYIj1CsB:2Eb0mycMiY+yI2WWylHo0mhYW19B
Score

10^/10
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

1

T1203

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Blocklisted process makes network request

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2