General

  • Target

    AWD 490104998518.xls

  • Size

    1.2MB

  • Sample

    240726-m4jf9stfnj

  • MD5

    f63c009bccbc4d8d26d162a168feaeb1

  • SHA1

    fa8ab13582703932f968a31e6cc0973e45ca43e0

  • SHA256

    f9541983f2c2e2f0a0a72dce180342d0637a52a4ba6e49ea42e8c5844d4de9e3

  • SHA512

    56a099036928c0af89d6a4cde7977cf5f3a5626a028aabea8a4dc590dd582c395042ae2c4f05b8085b81a9d19fb12f18beea0fe145712f057ffc12028e063395

  • SSDEEP

    24576:D6sKGQKr9+FZF+S0ANklw1Q1Ftt5Kj1G8RjM78quuH6OBrNoDgYEMuFh:9Hr9+FZQNw1Q1l5oGYjMhuu3BRo0Yr+

Score
8/10

Malware Config

Targets

    • Target

      AWD 490104998518.xls

    Score
    8/10
    • Blocklisted process makes network request

    • Abuses OpenXML format to download file from external location

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks