General

  • Target

    APS-9840270 Rev2 .xlam

  • Size

    759KB

  • Sample

    231002-t46p5aee43

  • MD5

    0045374eabcc2f9947a4d34ccd5fe1d0

  • SHA1

    e360261c380f671bf895c15b088bd121215b9d18

  • SHA256

    a0c8bbdd44ce4987dc06a715d67ec3370182418f924fbec1c35970efddda839a

  • SHA512

    5eaf04759351547b33dbad840954af79842c6bc462600da5ffa71583608ae88cf9ac92af65678279083874ebb329879ea35202fe566ea60300cf4c2e399e75c0

  • SSDEEP

    12288:HXnWsjUtgqym4yjeLx9ia95DRbXWtQ+w21D1n3f8hhzB83mpekI0sxliXgHOVKuJ:3jrm4Cg2YDRbXb+wuD138hMlkID/iuC7

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

exe.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

Targets

    Score
    10/10
    • Blocklisted process makes network request

    • Drops file in System32 directory
