Overview

overview

10

Static

static

8

st_377.xls

windows7_x64

10

st_377.xls

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    st_377.xls

  • Size

    154KB

  • Sample

    200708-54rrdr22v2

  • MD5

    28cdbfd0bdf481f1278eddf2302072fc

  • SHA1

    442aa2998ba02c341bc3fd94825c3ee0394edccd

  • SHA256

    82dc27524ee531accf53dea3200f8f9ea4e7c3a9f0d49e0be1d45109ab3bc8f6

  • SHA512

    dbf465c6d25ae0d385b1da0a5da43304d5c04858ac5e1b0f8b42801974332332cddcbff206a24b53979ce3e3ca3a7aa029d212451f27a3dfa9986a087a1412f7

Score
10/10
macro

Malware Config

Targets

    • Target

      st_377.xls

    • Size

      154KB

    • MD5

      28cdbfd0bdf481f1278eddf2302072fc

    • SHA1

      442aa2998ba02c341bc3fd94825c3ee0394edccd

    • SHA256

      82dc27524ee531accf53dea3200f8f9ea4e7c3a9f0d49e0be1d45109ab3bc8f6

    • SHA512

      dbf465c6d25ae0d385b1da0a5da43304d5c04858ac5e1b0f8b42801974332332cddcbff206a24b53979ce3e3ca3a7aa029d212451f27a3dfa9986a087a1412f7

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks