ccfce06113edd99d25c935f5d8a503140e6b402adb4cf4909e158f9c84aef8bc | Triage

Submit
Reports

Overview

overview

Static

static

sample.xls

windows7_x64

sample.xls

windows10_x64

Sharing

General

Target

sample
Size

101KB
Sample

201120-jz3p3sh2ca
MD5

736e81cce9c84c0f3de65ed475bde501
SHA1

781ee5c6fd1293059ef9295be072777bc9d192a1
SHA256

ccfce06113edd99d25c935f5d8a503140e6b402adb4cf4909e158f9c84aef8bc
SHA512

5fe2317508c921e38fb65722cd36ca5cd1c3ebb03c0cf27d9311d51126edfa16d09845cb4819a4005061167953bce6cca288d13659859813fc03882e88bc382a

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

sample.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

sample.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  sample
- Size
  
  101KB
- MD5
  
  736e81cce9c84c0f3de65ed475bde501
- SHA1
  
  781ee5c6fd1293059ef9295be072777bc9d192a1
- SHA256
  
  ccfce06113edd99d25c935f5d8a503140e6b402adb4cf4909e158f9c84aef8bc
- SHA512
  
  5fe2317508c921e38fb65722cd36ca5cd1c3ebb03c0cf27d9311d51126edfa16d09845cb4819a4005061167953bce6cca288d13659859813fc03882e88bc382a
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blacklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy