General
-
Target
2a464034b049ac41505571c33fe59489
-
Size
1.2MB
-
Sample
231231-ga7zwahce3
-
MD5
2a464034b049ac41505571c33fe59489
-
SHA1
b73cf1b589b9e77728f3c39317516d9d4d8ebffc
-
SHA256
9ca37d16fbb8d3dfd3801c6032ebedde91fff2a3dbebe0c61b2ad392597afac3
-
SHA512
6d603e0a62957aab16679075d8cb01c6e2d43db5e806c489917ecad629c73c49eabaecde41c84595fd3ee7d11a00c6871eea7aa297cb52027dae1182d2bf610d
-
SSDEEP
24576:qI86mOmxVc5GdjjISb28ldt7iY2MnEBYjCv2I1QmgWmgYlSZN:i6CLt2YNqYGeCCMN
Static task
static1
Behavioral task
behavioral1
Sample
PURCHASE ORDER AZAS112.xls.xll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
PURCHASE ORDER AZAS112.xls.xll
Resource
win10v2004-20231222-en
Malware Config
Extracted
oski
himarkh.xyz
Targets
-
Target
PURCHASE ORDER AZAS112.xls.xll
-
Size
880KB
-
MD5
4ebc548df517cae4c7e3122e9c75ede6
-
SHA1
6e19e1e6f3a7b96cf562c2f6768f92580652d427
-
SHA256
6c67e1ccf77b872b1f3cf257a257d75c4995dc079945080f578b51357ccdbe55
-
SHA512
359be199470a83ad32db555840c5b33a6b69db96cc188d83d550639fe9fe75464529819fdf0cded9d489cb7ba03802667ac373d3ad2a3f7e4069b023c8508290
-
SSDEEP
24576:/zbGHAzHAjX1BcLgtBoKF0KihRPX0qFNE:/ziHILEV6Fm
Score
10/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-