Overview

overview

4

Static

static

1

Cover Lett...AF.doc

windows7-x64

4

Cover Lett...AF.doc

windows10-2004-x64

3

EFT Form 2023.pdf

windows7-x64

1

EFT Form 2023.pdf

windows10-2004-x64

1

GO-1525 Su...m.docx

windows7-x64

4

GO-1525 Su...m.docx

windows10-2004-x64

1

Supplier C...).xlsx

windows7-x64

1

Supplier C...).xlsx

windows10-2004-x64

1

Supplier E...ns.pdf

windows7-x64

1

Supplier E...ns.pdf

windows10-2004-x64

1

Vendor-Tax...n.docx

windows7-x64

4

Vendor-Tax...n.docx

windows10-2004-x64

1

W9.pdf

windows7-x64

1

W9.pdf

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    (US CCN) - Chevron Request For Information (RITM1792916).eml

  • Size

    1.4MB

  • Sample

    230913-cwxzksha5s

  • MD5

    0d64169fec8b7889c654a9dcbf4dde90

  • SHA1

    f43f4b03ff2361c501e7c3adf75089a34bba3a2b

  • SHA256

    f5cf9afaa2944a1318e8b23dbc7685ed12558933879b4c475facb42b3fb540ea

  • SHA512

    fa4f3be3e14bab4964ac7f89bac941c5b8faca11890a6aa2078696fcc4c11f2be651b7c8fcb37b5e431c9781f8c6b29acd97bfc218e1e59c74beeced448d8529

  • SSDEEP

    24576:+iXibwi82I6FQqg9oNc7sjlef8Pbjm+hysCq:zdixI6FxNTleYh2q

Score
4/10

Malware Config

Targets

    • Target

      Cover Letter from CORP Tax - VTAF.DOC

    • Size

      223KB

    • MD5

      eead8bbf1327c651495104a15ff9808f

    • SHA1

      9a37a16d0e9e9ebd530bdbe4c7eef72cf72f269f

    • SHA256

      c1f22d0fb64e3d6eab09258d3bba9abf34c9118bfd74f60679f6d19fd39e4620

    • SHA512

      a7431f30dc8f87f2268006529f2f9398d047dd20597e5491e080502032f463cd3737090292240fd2184cf0809465b9249a0339d4aeb6de1cc77e00886a38b82b

    • SSDEEP

      1536:ebIj7Lnorav89AVo3r2NVrmt94TTS9Wkkra+a9NXQpVU8ZCJ:kiWa09Jb2rI94SMkkrPVU8

    Score
    4/10
    behavioral1behavioral2

    • Target

      EFT Form 2023.pdf

    • Size

      307KB

    • MD5

      7755ec887f148c5a0943392c810fc477

    • SHA1

      a253e5bd42192f11c4c4dfb0cdc3f903c571ac6c

    • SHA256

      db5565bcf63e257562fe138d6ce2f7505a0e824cb1e161bae66d65c3c9f3a722

    • SHA512

      c7a2ba1d6201af39613fa0d8e133a9b465bd131afa280b9bf98ce90404f541742a52437cc713111a6145fdc6ca2050cf05568cf8054fd1d4f0cd075eb8978ff2

    • SSDEEP

      6144:gSnGUZbsmCx4H6in0+Kdt+oyVhHq2OW+NYDS3PpVf9M:gIGUm4HXnPKdt+oyVh0tYDehVfG

    Score
    1/10
    behavioral3behavioral4

    • Target

      GO-1525 Supplier Information Form.docx

    • Size

      32KB

    • MD5

      d6e5b03717e15918de51aaa7791e8b72

    • SHA1

      b598abfaff2e1d48f3a9c8e91010cf3a41351831

    • SHA256

      174261e457a8929d8a4a915c83bead8fccd2cd7c7d02fe4b1b6fb772e294321a

    • SHA512

      7e8e190b85e46c9aa18f3321f5a3ce7b11d804c5e7b7a8ff05594a596859ee7e976c8c270622422dac6616da0b9bad9b8f208e1a24dc80796f45530dc800b8af

    • SSDEEP

      768:/RSXzWsnYoSA56B0ywu6oGZUd6bKWLmvXdi2x63p7:/Snzp3ylCfpLm/d7x63p7

    Score
    4/10
    behavioral5behavioral6

    • Target

      Supplier Compliance Form - SPS (24Jan23).xlsx

    • Size

      52KB

    • MD5

      c4bb00c70fc4bf950bbc187275172d49

    • SHA1

      43d95c91b064954fb82f13c1a335a986b42a4c4d

    • SHA256

      bc7fd25b4a8b173f2d7cd358cafecdc21c3bc0d8d8b066a21c025b98a765d758

    • SHA512

      50b5072903abc608d1c073474dc31f5d2f19098e59630626d95dc7d8275bf3dd2e42dd57019ad355f18199e66d080c56d84eaac9ee9efa65982e2a78fa7fef72

    • SSDEEP

      768:RtDGboOVTLJ36QPRt9xcOs3z8L5Vpc2R97YOvlS6WUBv0wsI5vg:rDOo2TlNxJs3z85VpZ9cOvMqv0INg

    Score
    1/10
    behavioral7behavioral8

    • Target

      Supplier Expectations.pdf

    • Size

      111KB

    • MD5

      1a651471750be552d66d7deaa8666024

    • SHA1

      8caa71ac1c273a5dd1f321e83b52c0ab29375553

    • SHA256

      a87d12005cab37b42756a825264a27ff21789baf7567b9db4d14ce4ea7e49b4d

    • SHA512

      5b238ebc4799c88db075c4c608a29ff6dfae344656b35a16c6b2ca99bc20758b742e954b941f3c120b4b8454dcb49e00d9bce339a2202ec77b9d79f444dfbf23

    • SSDEEP

      3072:zUUNnCHF3jcyb7fexA1pkii6TXzihi3l2iy9hHx:zJNcF3j2xADdiYzSiVQ9hHx

    Score
    1/10
    behavioral10behavioral9

    • Target

      Vendor-Taxability-Assessment-Form 2023 version.docx

    • Size

      151KB

    • MD5

      acbd8378b535c759e0773fed48832cc4

    • SHA1

      7b97377622edebafb53ccde469f4c393b4c01659

    • SHA256

      0cc968cca6fae371dc7789badfa91a658e686c317e015351d812d9451c293638

    • SHA512

      6ca4ea0b8dff05806ca698931ed1dde49c46c97f4820a389e39a03e1d14cc4a5bf326f2670a5e58cb3541acdb92011d427db32e7310252d29fb6ac012fc9f75f

    • SSDEEP

      3072:qSu+PiiT4ryEpMnRPmLmEpMLRPmL3EpMoRPmL8EpMFRPmLVEpMGRPmL5j9EX4imM:q+KO4Q4jn2c9FvOL

    Score
    4/10
    behavioral11behavioral12

    • Target

      W9.pdf

    • Size

      129KB

    • MD5

      a73738d335ef3abb155cc9dafbebdf57

    • SHA1

      71ee45828ff690bbfcdbd9b35aea58d48d9e8594

    • SHA256

      78366390cd4e3db89e06009fce54df272bee0d3b34003f3a786c4835239bfdff

    • SHA512

      d651b898350767d8a81b7fc65181dfdbe1a1f17bd77ba9c708d753470702c596851ea4557bd4d9065ecce64bab0b7b433ccf1b8e77f5ffaf2e82c70c9a48c6ce

    • SSDEEP

      3072:UVilYC32TlkA8VxiQNgAROHMQSJSFhasszU:Ur78DiQGARONGo

    Score
    1/10
    behavioral13behavioral14

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

7
T1112

Credential Access

Discovery

Query Registry

11
T1012

System Information Discovery

11
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks