General
-
Target
cotizaciòn.xlam.xlsx
-
Size
641KB
-
Sample
240615-j3a7qaxblj
-
MD5
2d9b5945714ea805ce5f1cf030d4433a
-
SHA1
4e4404fea5783dc087ee122528d1a54fafe986fe
-
SHA256
bcbff255ab9eb2201692467e5a33eada684a4b8c446d730a2f4820fb3c51eeb5
-
SHA512
3f378008b5c51bd149c2ce621c1e9c7478409ea253b2016edc091af0bf045ac1cacf0f3237ec0bba9f1c3cb7178419b74207d89df57fe228f8c3dc83de070c90
-
SSDEEP
12288:XrkDjbOCpOt+aSJsZTSFgF/2R2xoOfR0ieoDR2D8mSTgz4o:XrWmCpe+2Z2FgVmOfR0ip2DQgL
Malware Config
Targets
-
-
Target
cotizaciòn.xlam.xlsx
-
Size
641KB
-
MD5
2d9b5945714ea805ce5f1cf030d4433a
-
SHA1
4e4404fea5783dc087ee122528d1a54fafe986fe
-
SHA256
bcbff255ab9eb2201692467e5a33eada684a4b8c446d730a2f4820fb3c51eeb5
-
SHA512
3f378008b5c51bd149c2ce621c1e9c7478409ea253b2016edc091af0bf045ac1cacf0f3237ec0bba9f1c3cb7178419b74207d89df57fe228f8c3dc83de070c90
-
SSDEEP
12288:XrkDjbOCpOt+aSJsZTSFgF/2R2xoOfR0ieoDR2D8mSTgz4o:XrWmCpe+2Z2FgVmOfR0ip2DQgL
Score8/10-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Run Powershell and hide display window.
-
Drops file in System32 directory
-