Extracted

• • Target

    8bd77dbc4d4545539e39f05f2bc150118fb9c5c43983a3eb40fc393de8440ed6.xlsx

  • Size

    680KB

  • MD5

    f6c8fc6e8459c34e01e3ea58e1670563

  • SHA1

    3d21b005c374534603a604236744505002a81b58

  • SHA256

    8bd77dbc4d4545539e39f05f2bc150118fb9c5c43983a3eb40fc393de8440ed6

  • SHA512

    c8f3737e4c119d267f14191f05351a079a670fff17cf9f5a85a671c9ae8c7c19873841811f713e64ccd210397d8cf12c224dec4f179af6c74ef6e73fe853bfc8

  • SSDEEP

    12288:7abFrC4pd7ysk1A6PP2Z2KY34l/l+dc0WSUNV0e7jV7zL/1BGxuVOFTgTg5QD:7aFVjuH2ZlzXWfW5NzL/1DWgTgc

  Score

  10^/10

  discoveryexecution

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Run Powershell and hide display window.

    execution

  • Drops file in System32 directory

  behavioral1behavioral2