General

  • Target

    51396027.exe

  • Size

    10.5MB

  • Sample

    250328-rx5s5syqv2

  • MD5

    59a9cba43d9dd78d248ec074353756b9

  • SHA1

    da08c31f59fdf099474fa43205fb7f352d80edb2

  • SHA256

    dc3d08cc406d15bb457ae7c5f678e379cdd98c8297d08b8d1b5ead62adfe1857

  • SHA512

    0b8c9341774d3cb55d3a1d679e99621fc240e75c7a86aefa3b888546d1fdf5ff281e448a6a526882097efaa73357e2f32b90d6b4714a759821358a3d90d723bb

  • SSDEEP

    196608:QUbJDQhT+BJpGuGfWFLiAt+ZtwpMskNvjfG2nu/CmaaFhEUrue6TwGdwCNkYSxfF:QUblWqJpnGeAtwCbNvS2GCmaNuue6TNy

Malware Config

Targets

    • Office macro that triggers on suspicious action

      Office document macro which triggers in special circumstances - often malicious.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
