General

  • Target

    Transferencia Interbancaria.xlam.xlsx

  • Size

    588KB

  • Sample

    231011-xxnshsgb3x

  • MD5

    c1a52b431177fbd2eb41145ba828b2e4

  • SHA1

    a43d7df02bbe9bd73e10c720085b661245314b8c

  • SHA256

    32de3153bc2f4268e83f2b16212065189e0a6350aac9ee052b6f485f01fe2a47

  • SHA512

    bbfb268f5ba9241d92269211e32daea5b8d9b6573c6d2d39593af54b5953c0947f5860051b9ffb3697fe7399de8d2da678ea7ca0e9f644c91832f7517bc431e0

  • SSDEEP

    12288:hyH8drcg9Ya1TcCh/pW4IrHDV0Hh7TZmVLdMPgqa4u58vtnsqU5:oG9ZIgxW4IimLdMP+4ptnxU5

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

exe.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

Targets

    • Target

      Transferencia Interbancaria.xlam.xlsx

    Score
    10/10
    • Blocklisted process makes network request

    • Drops file in System32 directory
