d0a85ca6f20185dd947706900ea660403a869342ea43ac8cfbde3e504ddea42b | Triage

Submit
Reports

Overview

overview

Static

static

1

Po No.120220052.xlam

windows7-x64

Po No.120220052.xlam

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

Target

Po No.120220052.xlam
Size

653KB
Sample

231011-kn7g2scb5x
MD5

48fd8814b0f841ce210bd8815592a30f
SHA1

91406232f55a3cba2d59729049b5f939835b1c80
SHA256

d0a85ca6f20185dd947706900ea660403a869342ea43ac8cfbde3e504ddea42b
SHA512

dbf1c8f36f34edcfefc209fbf34142c6813adabbae81272cbdbed03fa715ea98dd93e5bc2c1c96c84802035c7466a5f61b658c84ce4f07e5aa3cde7b7f556aca
SSDEEP

12288:bat2N2HjsMm5C6r9GAAI6PP3s0SalbuUDykmQwPaZeLqN0d4kC/t3DMkKypP:by2NIpR6rtAZH3wqbO3QEaZee0d4kC/V

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

Po No.120220052.xlam

Resource

win7-20230831-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

Po No.120220052.xlam

Resource

win10v2004-20230915-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

exe.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

Targets

- Target
  
  Po No.120220052.xlam
- Size
  
  653KB
- MD5
  
  48fd8814b0f841ce210bd8815592a30f
- SHA1
  
  91406232f55a3cba2d59729049b5f939835b1c80
- SHA256
  
  d0a85ca6f20185dd947706900ea660403a869342ea43ac8cfbde3e504ddea42b
- SHA512
  
  dbf1c8f36f34edcfefc209fbf34142c6813adabbae81272cbdbed03fa715ea98dd93e5bc2c1c96c84802035c7466a5f61b658c84ce4f07e5aa3cde7b7f556aca
- SSDEEP
  
  12288:bat2N2HjsMm5C6r9GAAI6PP3s0SalbuUDykmQwPaZeLqN0d4kC/t3DMkKypP:by2NIpR6rtAZH3wqbO3QEaZee0d4kC/V
Score

10^/10
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy