Overview

overview

10

Static

static

8

120 seconds - Win. 10

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Calc.xls

  • Size

    62KB

  • Sample

    201126-m3xlaked7s

  • MD5

    fa823b6283e3857b34f2cb34a2a1a109

  • SHA1

    46cc42673f603350fa8b6bffaa45656ce6f5cbfc

  • SHA256

    c38f356c4508b5071a96ec9a70ff712b70c3237fc1519b0befc3ea1d29c418f1

  • SHA512

    0b952cd0c6a9b5bea2ee3d48991e8efc8dc2823891a9678b85b81d7fc9c198215bf78afe6093068e570c7984f302363eca3c441194544a75a7adef0891872d2c

Score
10/10
cryptonemacropacker

Malware Config

Targets

    • Target

      Calc.xls

    • Size

      62KB

    • MD5

      fa823b6283e3857b34f2cb34a2a1a109

    • SHA1

      46cc42673f603350fa8b6bffaa45656ce6f5cbfc

    • SHA256

      c38f356c4508b5071a96ec9a70ff712b70c3237fc1519b0befc3ea1d29c418f1

    • SHA512

      0b952cd0c6a9b5bea2ee3d48991e8efc8dc2823891a9678b85b81d7fc9c198215bf78afe6093068e570c7984f302363eca3c441194544a75a7adef0891872d2c

    Score
    10/10
    cryptonepacker

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • CryptOne packer

      Detects CryptOne packer defined in NCC blogpost.

      cryptonepacker

    • Loads dropped DLL

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks