2ae4d463cd4df974d95288744d1bbf686b42db45896e6c0ad4917f7aab42f32d | Triage

Submit
Reports

Overview

overview

Static

static

8

2ae4d463cd...2d.xls

windows7-x64

2ae4d463cd...2d.xls

windows10-2004-x64

1

Sharing

General

Target

2ae4d463cd4df974d95288744d1bbf686b42db45896e6c0ad4917f7aab42f32d
Size

126KB
Sample

240710-zzznxasemh
MD5

d89dfeaadf6cdf2b7ea3435644180b3a
SHA1

bc9767d6217daba21cfdf8ed7e8dba01742bf196
SHA256

2ae4d463cd4df974d95288744d1bbf686b42db45896e6c0ad4917f7aab42f32d
SHA512

928a0d467b79ba834f031e2a220c75e56017f7df7dba57be4a9ce274881f422683d70fdf39053c5f1496d1c59bb084fe6e8c0984d70b7740be49a1df631a560e
SSDEEP

1536:KdKcpx2Sk/8E3NEN1vn5jG685uUDf44fAg:8AxdEzvn5jb8cU

Score

10^/10

macro macro_on_action

Static task

static1

macro macro_on_action

2 signatures

Behavioral task

behavioral1

Sample

2ae4d463cd4df974d95288744d1bbf686b42db45896e6c0ad4917f7aab42f32d.xls

Resource

win7-20240704-en

windows7-x64

10 signatures

60 seconds

Behavioral task

behavioral2

Sample

2ae4d463cd4df974d95288744d1bbf686b42db45896e6c0ad4917f7aab42f32d.xls

Resource

win10v2004-20240709-en

windows10-2004-x64

4 signatures

60 seconds

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://85.143.166.190/asdvx/fghs.php

Targets

- Target
  
  2ae4d463cd4df974d95288744d1bbf686b42db45896e6c0ad4917f7aab42f32d
- Size
  
  126KB
- MD5
  
  d89dfeaadf6cdf2b7ea3435644180b3a
- SHA1
  
  bc9767d6217daba21cfdf8ed7e8dba01742bf196
- SHA256
  
  2ae4d463cd4df974d95288744d1bbf686b42db45896e6c0ad4917f7aab42f32d
- SHA512
  
  928a0d467b79ba834f031e2a220c75e56017f7df7dba57be4a9ce274881f422683d70fdf39053c5f1496d1c59bb084fe6e8c0984d70b7740be49a1df631a560e
- SSDEEP
  
  1536:KdKcpx2Sk/8E3NEN1vn5jG685uUDf44fAg:8AxdEzvn5jb8cU
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2024

Terms | Privacy