d36d950e9c94564bcb37f058d4ba3636281a273fd59d7eac0f3dc8fa215b5590 | Triage

Submit
Reports

Overview

overview

Static

static

8

ACH Remitt...ls.xls

windows7_x64

ACH Remitt...ls.xls

windows10_x64

Sharing

General

Target

ACH Remittance Details.xls
Size

35KB
Sample

210118-ct5ld1m846
MD5

b3931a02644f28eaee7711d36333eece
SHA1

72e0ab0c9b992f94db5ae45022df57f1522b9895
SHA256

d36d950e9c94564bcb37f058d4ba3636281a273fd59d7eac0f3dc8fa215b5590
SHA512

5202adec9629fc94eaa70d2e6d62212a9ebde57e9d7e89709f33efd4fd54ab8f44c699fb9c4553b8b640273305ce73a0aece8a4935fef9c67c0d4c60ffd4da63

Score

10^/10

macro macro_on_action xlm

Static task

static1

macro xlm macro_on_action

Behavioral task

behavioral1

Sample

ACH Remittance Details.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ACH Remittance Details.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ACH Remittance Details.xls
- Size
  
  35KB
- MD5
  
  b3931a02644f28eaee7711d36333eece
- SHA1
  
  72e0ab0c9b992f94db5ae45022df57f1522b9895
- SHA256
  
  d36d950e9c94564bcb37f058d4ba3636281a273fd59d7eac0f3dc8fa215b5590
- SHA512
  
  5202adec9629fc94eaa70d2e6d62212a9ebde57e9d7e89709f33efd4fd54ab8f44c699fb9c4553b8b640273305ce73a0aece8a4935fef9c67c0d4c60ffd4da63
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

macroxlmmacro_on_action

behavioral1

behavioral2

© 2018-2024

Terms | Privacy