Analysis
-
max time kernel
149s -
max time network
154s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
25-11-2024 14:07
General
-
Target
RFQ7-82927766783 WF242183 TRGR-989789引流管 中性.xlsx.exe
-
Size
82KB
-
MD5
5405c36dca0a57d8a6632550b0cba212
-
SHA1
9f487e0902b7c39a4c4dd8dd9e918dc3dc10245c
-
SHA256
8d429a2e8f8b5403c44cb7597598c2ba18a40ccb464f2997426d3eefbbd888c0
-
SHA512
c699a965e289613d31f699494328f9570abc61ea437ab199afbb266c923c9383c366e3f4bec1de27614f2d9672de5449ee39e0d3614df3f315a2b64fad2e8e6b
-
SSDEEP
1536:eKPDl0ZVabbkg9ot5dR7GqPoS95sRvWQONAjzGX+:eKPDOZVEbkg6lKC0eBNAjzV
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\RFQ7-82927766783 WF242183 TRGR-989789引流管 中性.xlsx.exe"C:\Users\Admin\AppData\Local\Temp\RFQ7-82927766783 WF242183 TRGR-989789引流管 中性.xlsx.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
104KB
-
Filesize
6.9MB
-
Filesize
4KB
-
Filesize
6.9MB