General

  • Target

    ce296bb106eaae9d71c60c5b200c0773.bin

  • Size

    674KB

  • Sample

    231029-c1632sed21

  • MD5

    06f280a44ede530970100596356c71d0

  • SHA1

    3215fa6bce0cf3fd86a74c557bc2f0fb785c39a6

  • SHA256

    7b32933bd68e4407e7c1e1497c6e2ebf412641a6056053948f03c81be461b0d7

  • SHA512

    2fd405aaf1c4e84434ad055521ba99a7edfed4ec882331b4223d3b432c5b50f9059e06e6bda566acf0a6c83b0f1ba73b96dece4eeb7ba692e5a66ca8c85ec803

  • SSDEEP

    12288:P8YWz2wlcemByKzHylR3b4C9QPNCccpmJ9cU5dsl7W9b/EXoK6/qv9:EY2tFmByKzHyLL+sDUKUzsl7Wp/WoV/S

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://wallpapercave.com/uwp/uwp4098462.png

exe.dropper

https://wallpapercave.com/uwp/uwp4098462.png

Targets

    • Target

      c5f23ffa1d65c9fbf3ca8a880ac2738b3ae188da2011db2430f3cc1bf3dcc5d6.xlsx

    • Size

      677KB

    • MD5

      ce296bb106eaae9d71c60c5b200c0773

    • SHA1

      5f81c1463aa1a796e3de0bfeb0a623d600842d93

    • SHA256

      c5f23ffa1d65c9fbf3ca8a880ac2738b3ae188da2011db2430f3cc1bf3dcc5d6

    • SHA512

      8054666b8f6e3e4c80ad07febbbf8baeed6816e0d813e0c4592a2052f4776caadc8ebb09db48001bf8cdbb4a384ad5950614e9a51a86f6ec0c2a453e79ff12e2

    • SSDEEP

      12288:BqnWUwO2AaD8kN+Rf7N+ZZkuLYUe+s4Nl0bJjv1yvzACqrDNiH11Th:4d2xZeDkfkNUkKCbJjv1yv5sDNiHh

    Score
    10/10
    • Blocklisted process makes network request

    • Drops file in System32 directory
