General

  • Target

    Marlo_Dione.xls

  • Size

    286KB

  • Sample

    200715-stwqcppdsn

  • MD5

    40cb120fa3a2838c031479f46aa098fd

  • SHA1

    eee1ed1682879b0b011480d2dcdc9628522d9aad

  • SHA256

    cc391febddc384528fdf0b25e440074cf5f8f1ef4630e75e2655efc7a3c1697d

  • SHA512

    978ca11b563aab0ff3d1f6ef960166935d5c630181142edbd36eb95b7c5e2530e3270abe47fe5942e1bd03c1fd022cfbb7b6203697b85794fe1ec86856a420a5

Score
6/10

Targets

    • Enumerates connected drives

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
