0227e1d512332a5dd2d30d354e049515eb4e68405fe002f908bf4a91da5e3521 | Triage

Submit
Reports

Overview

overview

Static

static

8

document-1...58.xls

windows7_x64

document-1...58.xls

windows10_x64

Sharing

General

Target

document-1499231958.xls
Size

331KB
Sample

201126-tdqwefxmpa
MD5

a246634250a81e6dfdb693a79a163e68
SHA1

c41b8beb1364d377be81073ace4ef6cb6c7cf7c2
SHA256

0227e1d512332a5dd2d30d354e049515eb4e68405fe002f908bf4a91da5e3521
SHA512

835d6225f2af48265bd4ab07f6d3e3368327a23a447d38e24f386712efa87022e1bc73995c3e8320df214c0cd3c565115acc5a3457830874680bb487505162b9

Score

10^/10

macro

Static task

static1

Behavioral task

behavioral1

Sample

document-1499231958.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

document-1499231958.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  document-1499231958.xls
- Size
  
  331KB
- MD5
  
  a246634250a81e6dfdb693a79a163e68
- SHA1
  
  c41b8beb1364d377be81073ace4ef6cb6c7cf7c2
- SHA256
  
  0227e1d512332a5dd2d30d354e049515eb4e68405fe002f908bf4a91da5e3521
- SHA512
  
  835d6225f2af48265bd4ab07f6d3e3368327a23a447d38e24f386712efa87022e1bc73995c3e8320df214c0cd3c565115acc5a3457830874680bb487505162b9
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy