General

  • Target: Swift 01-Nov-2023.xla.xlsx
  • Size: 101KB
  • Sample: 231101-tp7zmsca55
  • MD5: 59914c978891a061e2870c3f14b2a108
  • SHA1: a4811c1437da8a14081002802f20ee7c1c9760b7
  • SHA256: 199e6a04393765cb8c52797906db84536abf7ef4b25406ccbe008bcc649a4a45
  • SHA512: 201c2c248c38314431300985ed9b2af473d65fb3f9421c9506bed95779239189835ca464666ee313f0ccd6af7955bcb9269a1a3ee3f8c49bb9f308315b954cd7
  • SSDEEP: 1536:EpQDyT9HK9LKt9+CNtVnwkpIatI8yhcDYZUeNBc/qw6/lhH:3awKt00dwkOmI8yht5xb/

Score
10/10

Malware Config

  • Extracted language: ps1 (deobfuscated)
  • URLs
    • ps1.dropper: https://uploaddeimagens.com.br/images/004/652/514/original/new_image.jpg?1698762134
    • exe.dropper: https://uploaddeimagens.com.br/images/004/652/514/original/new_image.jpg?1698762134

Targets

    • Swift 01-Nov-2023.xla.xlsx (101KB), score 10/10; hashes as listed under General above
    • Blocklisted process makes network request

    • Abuses OpenXML format to download file from external location

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
