General

  • Target

    bb1be8aabfa3b7b55acaf121f7be3a05.bin

  • Size

    652KB

  • Sample

    231011-mctg6agd6t

  • MD5

    41bc71294ec4e3749f692972e0f4b0c9

  • SHA1

    4c835752b6916c91811b890aeffbcfe921de0a39

  • SHA256

    6c62a42db697f83f34d3d22e169697551eb1171235f772554bf8ccb276cc3655

  • SHA512

    8c198d6c3f1d9833b1c6ba97bb7b491a5c33b07587dcb7c4327b4f1d725efd2aa3b3e4c13b3a3a5d196d18890a8748e99e59c941050be76c12325b3ca8d2692e

  • SSDEEP

    12288:O3C+o1Lq5Dd32nUMd5ehMixuWpuLXL+qzhUJ3sabMFa+9hw0K+XLSq1B+jlDpSn:WC+5dGvixlGjoJAa2LKM+0QRq

Score
10/10

Malware Config

Extracted

  • Language

    ps1 (Deobfuscated)

  • URLs

    ps1.dropper: https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

    exe.dropper: https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

Targets

    • Target

      7a6367cdd9d6d0db0c685487937d09f9881cbbcdc936b3750bd89ed7fcbad407.xlsx

    • Size

      654KB

    • MD5

      bb1be8aabfa3b7b55acaf121f7be3a05

    • SHA1

      a5a02621318a15252808779c217e49e876174ed9

    • SHA256

      7a6367cdd9d6d0db0c685487937d09f9881cbbcdc936b3750bd89ed7fcbad407

    • SHA512

      c258d8fb2a76675d3058d7fcd5a34289b03452e521a68fa5b272b7bd1b72b3b191b112e66427914f007b40f52f5437ab54fb5545d6f628a4691a6f506208ba92

    • SSDEEP

      12288:X3ESjOqP3NhfIdnsaKZ3EDowgaimuSwHgF9aIfg8NkTNaK:nEzqIv4EsNPmuStPX+aK

    Score
    10/10
    • Blocklisted process makes network request

    • Drops file in System32 directory
