Overview

overview

10

Static

static

8

order-649.xls

windows7_x64

10

order-649.xls

windows10_x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    order-649.xls

  • Size

    148KB

  • Sample

    200710-ngs2bd2nks

  • MD5

    0e08cfc72b49a23f004c5a944b69478f

  • SHA1

    8f55d06882f10d0e2d1f42b020e836ae37e4a67e

  • SHA256

    d1ec88f75d1134f2df67601950a89d727579cadcd69c34a53ab11847aee99e0e

  • SHA512

    bb79e93682bd4ab03b5fc38b68a257a5ba2ad04eaeda84c64663525724b3caf19268c37d320bf2e963354e1cca3e791643d0b729fe7ae034724b248effc4308e

Score
10/10
macro

Malware Config

Targets

    • Target

      order-649.xls

    • Size

      148KB

    • MD5

      0e08cfc72b49a23f004c5a944b69478f

    • SHA1

      8f55d06882f10d0e2d1f42b020e836ae37e4a67e

    • SHA256

      d1ec88f75d1134f2df67601950a89d727579cadcd69c34a53ab11847aee99e0e

    • SHA512

      bb79e93682bd4ab03b5fc38b68a257a5ba2ad04eaeda84c64663525724b3caf19268c37d320bf2e963354e1cca3e791643d0b729fe7ae034724b248effc4308e

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks