Overview
overview: 10
Static
static: 3
67f64deda3...ca.exe, windows7-x64: 10
67f64deda3...ca.exe, windows10-2004-x64: 10
Ecco.xlm, windows7-x64: 1
Ecco.xlm, windows10-2004-x64: 1
Par.xlm, windows7-x64: 1
Par.xlm, windows10-2004-x64: 1
Sommesso.ps1, windows7-x64: 1
Sommesso.ps1, windows10-2004-x64: 1
Vento.xlm, windows7-x64: 1
Vento.xlm, windows10-2004-x64: 1
Analysis
max time kernel: 1s
max time network: 149s
platform: windows10-2004_x64
resource: win10v2004-20231222-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231222-en, locale:en-us, os:windows10-2004-x64, system
submitted: 19-01-2024 15:23
Static task: static1

Behavioral task: behavioral1
Sample: 67f64deda3027f9fcdd4b5d9568d37ca.exe
Resource: win7-20231129-en

Behavioral task: behavioral2
Sample: 67f64deda3027f9fcdd4b5d9568d37ca.exe
Resource: win10v2004-20231222-en

Behavioral task: behavioral3
Sample: Ecco.xlm
Resource: win7-20231215-en

Behavioral task: behavioral4
Sample: Ecco.xlm
Resource: win10v2004-20231215-en

Behavioral task: behavioral5
Sample: Par.xlm
Resource: win7-20231215-en

Behavioral task: behavioral6
Sample: Par.xlm
Resource: win10v2004-20231215-en

Behavioral task: behavioral7
Sample: Sommesso.ps1
Resource: win7-20231215-en

Behavioral task: behavioral8
Sample: Sommesso.ps1
Resource: win10v2004-20231215-en

Behavioral task: behavioral9
Sample: Vento.xlm
Resource: win7-20231129-en

Behavioral task: behavioral10
Sample: Vento.xlm
Resource: win10v2004-20231222-en
General
Target: Vento.xlm
Size: 872KB
MD5: 7086a5eb43121ec9982a724df35038c9
SHA1: a41da4521467cca2caf8bf4f125f2e9937ca6524
SHA256: cc48df3aabd0cb33748c57ace9c163c1b14dc19a287717afa6c333345081aa1b
SHA512: 63eb0ad9cfe1634ddf1bcfed2307508dbfeaa1c9540fd62315e27cd1e1efdf8a5112992e582a877e66ce57540f113a49026a9eab82477273f6a1d65f79b35a52
SSDEEP: 12288:hpVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:hT3E53Myyzl0hMf1tr7Caw8M01
Malware Config
Signatures
Suspicious behavior: AddClipboardFormatListener (1 IoCs)
Processes: EXCEL.EXE
pid   process
4512  EXCEL.EXE

Suspicious use of SetWindowsHookEx (4 IoCs)
Processes: EXCEL.EXE
pid   process
4512  EXCEL.EXE
4512  EXCEL.EXE
4512  EXCEL.EXE
4512  EXCEL.EXE