General

  • Target

    66036cf566386c159e49191125497c77c13c75778492519000b9f61a4afdedad

  • Size

    19KB

  • Sample

    210114-775pajwh4a

  • MD5

    9e980272bfd728084e6661b05f442541

  • SHA1

    1b2434d3f1148f1900ff026122e49c3f8092f819

  • SHA256

    66036cf566386c159e49191125497c77c13c75778492519000b9f61a4afdedad

  • SHA512

    2c693af5005ea166e72f30aa5bb7f781166f94808f59fd5df29cd48cfda1282d3f7c0a154a7c4af59834ce3f7f7dd187926c2cd562e15f105fd2063416ec44c6

Score
10/10

Malware Config

Targets

    • Target

      Document_501487929-Copy.xls

    • Size

      43KB

    • MD5

      25beaeae50c5344cca2302b0d6f16205

    • SHA1

      ed39d9ce2f58de74bba5fca366bff9886698ad94

    • SHA256

      94d759f43bcc647f7233e19ddc160a6b43458dcde6d2ea4274c8c06b2890def2

    • SHA512

      aa74bd0c7b643a2de5705c4434fb72afa5def4ea316b0ece9c4f82f58321989a953c3990b65064148adca5b087916981e00a9f94244ce3d4c40728efa0872270

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Modify Registry

    T1112 (1)

Discovery

  • Query Registry

    T1012 (2)

  • System Information Discovery

    T1082 (2)

Tasks