Overview

overview

10

Static

static

8

document-1...74.xls

windows7_x64

10

document-1...74.xls

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    document-1460706074.xls

  • Size

    332KB

  • Sample

    201126-6hw553yv3a

  • MD5

    aafe21674c3bc33ebdf6d6ee75fae71d

  • SHA1

    477e2c3030e9ea55881b05b2f33fc0fd2be27bab

  • SHA256

    1b7809d6db5ea262334832714816856b3bb8adcd05bd8bfaa60651495ebe1386

  • SHA512

    097091862626e18906acff481dad238ba0770af453e10fe34b9aecc38fe6b67f631d463368111d98ef228ab4d3185394d067e28a33284e9f31e4162491a3c42f

Score
10/10
macro

Malware Config

Targets

    • Target

      document-1460706074.xls

    • Size

      332KB

    • MD5

      aafe21674c3bc33ebdf6d6ee75fae71d

    • SHA1

      477e2c3030e9ea55881b05b2f33fc0fd2be27bab

    • SHA256

      1b7809d6db5ea262334832714816856b3bb8adcd05bd8bfaa60651495ebe1386

    • SHA512

      097091862626e18906acff481dad238ba0770af453e10fe34b9aecc38fe6b67f631d463368111d98ef228ab4d3185394d067e28a33284e9f31e4162491a3c42f

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks