6f721e74a6939cb9ed228e6c02a4804d330b64083e4efaead5be2f658bf1282a | Triage

Submit
Reports

Overview

overview

8

Static

static

1

Purchase Order.xlam

windows7-x64

8

Purchase Order.xlam

windows10-2004-x64

1

Sharing

General

Target

Purchase Order.xlam
Size

667KB
Sample

231013-15b1gacg91
MD5

fca938ca93fe7c8f92bdf23c9a5a54c9
SHA1

86019616b0604f4b3e7b60c25da443fdfeef14a9
SHA256

6f721e74a6939cb9ed228e6c02a4804d330b64083e4efaead5be2f658bf1282a
SHA512

b30f44f5a294a8f4941d9fe6d34787850352989d6b202880bff14e7b9f8e783e70371e4dd430f74a863153c5e4e5e072a5bd9bd0093aee0720dbd71d51da1092
SSDEEP

12288:sLz1nM0wPRWr3E5gtgyD4fys7IjxKsu7GkTw2aRjlLyO5sx2SG+Y7:4z1nKRWI+t7057Wu7M9fuO5MY7

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

Purchase Order.xlam

Resource

win7-20230831-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Purchase Order.xlam

Resource

win10v2004-20230915-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  Purchase Order.xlam
- Size
  
  667KB
- MD5
  
  fca938ca93fe7c8f92bdf23c9a5a54c9
- SHA1
  
  86019616b0604f4b3e7b60c25da443fdfeef14a9
- SHA256
  
  6f721e74a6939cb9ed228e6c02a4804d330b64083e4efaead5be2f658bf1282a
- SHA512
  
  b30f44f5a294a8f4941d9fe6d34787850352989d6b202880bff14e7b9f8e783e70371e4dd430f74a863153c5e4e5e072a5bd9bd0093aee0720dbd71d51da1092
- SSDEEP
  
  12288:sLz1nM0wPRWr3E5gtgyD4fys7IjxKsu7GkTw2aRjlLyO5sx2SG+Y7:4z1nKRWI+t7057Wu7M9fuO5MY7
Score

8^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy