General

  • Target

    265e091ffeb34fdc48b53f433c7434f230891cb8b82f758cd570c8b070ae0c64.xls

  • Size

    303KB

  • Sample

    240627-bjerssvalf

  • MD5

    7578a1593ea13ebdc7ec141a0d61fba6

  • SHA1

    0d18b767334ae7cda6a333640a739b80b65d62d6

  • SHA256

    265e091ffeb34fdc48b53f433c7434f230891cb8b82f758cd570c8b070ae0c64

  • SHA512

    0f178d3c4974642f9c5d96c4309db13867fc36d151e81b736bb45d3ee6897b5979db1a5c1a119d38647f629347ef549c17f4c11174b9fb464cad669d9ca84c9f

  • SSDEEP

    6144:ULOua1ElwDpw0XIw3QdOSP7AHZezRQTSIcE0r0ZrQ:jdDBXIyQdOq8HZpuPE0+rQ

Score
10/10

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
