7be0e7463275859563c266e5a7f0d02dd105458764ca49523d19c64811e1f0d5 | Triage

Submit
Reports

Overview

overview

Static

static

1

Pre-Advice...t.xlam

windows7-x64

Pre-Advice...t.xlam

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

Target

Pre-Advice Report.xlam
Size

651KB
Sample

231003-g1ljkaae58
MD5

711f22759352f71502ae383ab4cea435
SHA1

2c766048391043b624a0d9713fa664ec5f151a0e
SHA256

7be0e7463275859563c266e5a7f0d02dd105458764ca49523d19c64811e1f0d5
SHA512

f3f227160b2323288bb355b92339f4d5437a7073e5f500245500d0a2a8101c0474dbb3b5c4107d3e333a2f9686f0f32154398fef7e2ee9a859c0e15927f85daa
SSDEEP

12288:k7kKAv0OQdL/SNqcpJJ/GO7ewecU9EnVrTw10qJdG+NWxkckgUk:k7kKaQJIJJ/Gs3lU+nhTqQ+8xTUk

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

Pre-Advice Report.xlam

Resource

win7-20230831-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

Pre-Advice Report.xlam

Resource

win10v2004-20230915-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://uploaddeimagens.com.br/images/004/622/019/original/rump_new.jpg?1695949870

exe.dropper

https://uploaddeimagens.com.br/images/004/622/019/original/rump_new.jpg?1695949870

Targets

- Target
  
  Pre-Advice Report.xlam
- Size
  
  651KB
- MD5
  
  711f22759352f71502ae383ab4cea435
- SHA1
  
  2c766048391043b624a0d9713fa664ec5f151a0e
- SHA256
  
  7be0e7463275859563c266e5a7f0d02dd105458764ca49523d19c64811e1f0d5
- SHA512
  
  f3f227160b2323288bb355b92339f4d5437a7073e5f500245500d0a2a8101c0474dbb3b5c4107d3e333a2f9686f0f32154398fef7e2ee9a859c0e15927f85daa
- SSDEEP
  
  12288:k7kKAv0OQdL/SNqcpJJ/GO7ewecU9EnVrTw10qJdG+NWxkckgUk:k7kKaQJIJJ/Gs3lU+nhTqQ+8xTUk
Score

10^/10
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy