General

  • Target

    omo.xlam.xlsx

  • Size

    740KB

  • Sample

    230920-vh2pqabe89

  • MD5

    ff4afba38fca387b209a6058da8583ec

  • SHA1

    75118d306f18f4574018ad5d24e725ff3bee49b2

  • SHA256

    3cb021f727c306bcc8a733554521981f4bfd5e9b3e39d733d601e7a69291d602

  • SHA512

    818adfd4fc17259de3c4231dca281e0631952eaa0db23be7335f13617bc32d40e6eecd32e14b7e7980495211d51afa52f044746f4e687c47d366eca64e7ff9e5

  • SSDEEP

    12288:5XSSaqxNzx5n7SpfzpUdyD9jLRa94nhI540WkaMzJO7njWCDeGT9zQPTL7B:baQNbSqi96eh0Wkb47jWCSY9zQbnB

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

exe.dropper

https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

Targets

    • Target

      omo.xlam.xlsx

    Score
    10/10
    • Blocklisted process makes network request

    • Drops file in System32 directory
