Overview

overview

8

Static

static

1

order LX321.xls

windows7-x64

8

order LX321.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    order LX321.xls

  • Size

    1.1MB

  • Sample

    230919-hj7wxafc9z

  • MD5

    6d065053f461331ac2b2ea8c8b4fc135

  • SHA1

    7de9c1e44f4f64c3e698fbaeda05369edcafc6e7

  • SHA256

    3e4660d96763c73a97e3db9a085a19e389b6bd95928e5477e583fc0c42fbce53

  • SHA512

    d0d55eaca911178320c600bd410cc2c8f2f3c803d8865d428910b23583ccfb7252cab6667c5bfa9904a98172b4ae86c4caccebaf756130566e8d345eeb116cf6

  • SSDEEP

    24576:BWQmmav30xSZy6w6Vc6N6vZyZw6VV6NajOp7NkQTwh01TaPqwta:QQmmQ306+6VdkB6V0CoNLTtaSS

Score
8/10

Malware Config

Targets

    • Target

      order LX321.xls

    • Size

      1.1MB

    • MD5

      6d065053f461331ac2b2ea8c8b4fc135

    • SHA1

      7de9c1e44f4f64c3e698fbaeda05369edcafc6e7

    • SHA256

      3e4660d96763c73a97e3db9a085a19e389b6bd95928e5477e583fc0c42fbce53

    • SHA512

      d0d55eaca911178320c600bd410cc2c8f2f3c803d8865d428910b23583ccfb7252cab6667c5bfa9904a98172b4ae86c4caccebaf756130566e8d345eeb116cf6

    • SSDEEP

      24576:BWQmmav30xSZy6w6Vc6N6vZyZw6VV6NajOp7NkQTwh01TaPqwta:QQmmQ306+6VdkB6V0CoNLTtaSS

    Score
    8/10

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Exploitation for Client Execution

1
T1203

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks