319763c4253199fa108de1ced515b462bcf13fab283c69ad3bf5b62332fd3608 | Triage

Submit
Reports

Overview

overview

Static

static

1

2023084 .xlam

windows7-x64

2023084 .xlam

windows10-2004-x64

1

Sharing

General

Target

2023084 .xlam
Size

605KB
Sample

231005-k21lnabg82
MD5

c4299323b25e15b75436b2d3b97a0377
SHA1

b218643f49cdd92d34df9d92c5325c6bd4ee888c
SHA256

319763c4253199fa108de1ced515b462bcf13fab283c69ad3bf5b62332fd3608
SHA512

3a0e4bc1290a25bd37acb74a5b8bba56758fd3ccc98768997a29533d4d8f0ad30a63f85fd31adc9b7e59adfe010a98d10973ca1a507dff2451c1d03fc355e1ab
SSDEEP

12288:DvKt/+eOwUrhO7yvqsWdwdhGvPyT6pAmXbdeA07njtRoGdb+F5cgl2Ifc2:D0+eOwUSC7BfG2mrYA07j7JCF5cgl2I3

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

2023084 .xlam

Resource

win7-20230831-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

2023084 .xlam

Resource

win10v2004-20230915-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

exe.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

Targets

- Target
  
  2023084 .xlam
- Size
  
  605KB
- MD5
  
  c4299323b25e15b75436b2d3b97a0377
- SHA1
  
  b218643f49cdd92d34df9d92c5325c6bd4ee888c
- SHA256
  
  319763c4253199fa108de1ced515b462bcf13fab283c69ad3bf5b62332fd3608
- SHA512
  
  3a0e4bc1290a25bd37acb74a5b8bba56758fd3ccc98768997a29533d4d8f0ad30a63f85fd31adc9b7e59adfe010a98d10973ca1a507dff2451c1d03fc355e1ab
- SSDEEP
  
  12288:DvKt/+eOwUrhO7yvqsWdwdhGvPyT6pAmXbdeA07njtRoGdb+F5cgl2Ifc2:D0+eOwUSC7BfG2mrYA07j7JCF5cgl2I3
Score

10^/10
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy