General
Target: 8871c881e9c6107e9ea7389e47b15a40
Size: 1.2MB
Sample: 240202-d4e96sfbcq
MD5: 8871c881e9c6107e9ea7389e47b15a40
SHA1: 1423885ed68f29354882c9d34ccce0ae3d32f234
SHA256: fd7a0cea676ea7114f56d5732307f5caf5444c7da5f961066c9289ed5fc766fc
SHA512: b48b09423115fe7992f8a85e4c81a1423a6b7aa6dd1ecd763bc7ac7077fa86bd85854bd1623f27010b05fd291891947b8b32223e0f0ca926a2c80d0df85d357e
SSDEEP: 24576:Zy86mOmxVc5GdjjISb28ldt7iY2MnEBYjCv2I1QmgWmgYlSZt:T6CLt2YNqYGeCCMt
Static task: static1
Behavioral task: behavioral1
Sample: PURCHASE ORDER AZAS112.xls.xll
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: PURCHASE ORDER AZAS112.xls.xll
Resource: win10v2004-20231222-en
Malware Config
Extracted
Extracted
oski
himarkh.xyz
Targets
Target: PURCHASE ORDER AZAS112.xls.xll
Size: 880KB
MD5: 4ebc548df517cae4c7e3122e9c75ede6
SHA1: 6e19e1e6f3a7b96cf562c2f6768f92580652d427
SHA256: 6c67e1ccf77b872b1f3cf257a257d75c4995dc079945080f578b51357ccdbe55
SHA512: 359be199470a83ad32db555840c5b33a6b69db96cc188d83d550639fe9fe75464529819fdf0cded9d489cb7ba03802667ac373d3ad2a3f7e4069b023c8508290
SSDEEP: 24576:/zbGHAzHAjX1BcLgtBoKF0KihRPX0qFNE:/ziHILEV6Fm
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext