General
-
Target
OrderXInquiry.xla.xlsx
-
Size
249KB
-
Sample
231212-jbtjzsghfr
-
MD5
9f0fedb5a159b247d698fe525fa42b71
-
SHA1
1d466b66435f85871baf84e16bf476be7622dbb5
-
SHA256
e31f2c0dc3d83adc49c85d60876825d5591bb398472d101d179eeff7dbf89952
-
SHA512
f0fbaf804fa00ecceadac64ea36f88956bc74df139e6d571e96585eaaf57450d2cd89d3fce4048221f2b74b492259d5ad10c89d8723349c23833670778d04a9a
-
SSDEEP
6144:vY35qAOJl/YrLYz+WrNhZF+E+fgL+0dD8ivSbVZvMIXeYueFZ1Ddb4P6gfGmqEqE:y3bVZvMIXNFZddb46pmV0Af
Behavioral task
behavioral1
Sample
OrderXInquiry.xla.xls
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
OrderXInquiry.xla.xls
Resource
win10v2004-20231130-en
Malware Config
Extracted
https://uploaddeimagens.com.br/images/004/686/431/original/dll_vbe.jpg?1702073941
Targets
-
Target
OrderXInquiry.xla.xlsx
-
Score
10/10
-
Blocklisted process makes network request
-
Abuses OpenXML format to download file from external location
-
Drops file in System32 directory
-