Overview

overview

10

Static

static

8

666f323aaa...2.xlsm

windows7_x64

10

666f323aaa...2.xlsm

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    666f323aaaeb3ad7c537561f66d74132.xlsm

  • Size

    187KB

  • Sample

    210303-ww7hkxg76s

  • MD5

    666f323aaaeb3ad7c537561f66d74132

  • SHA1

    478f0bb55cef539818bffde3dc7f3175c29bf2cb

  • SHA256

    7f322b2e240f3dfc09f4be7d9cbc806feb902587fbba27520d4d8641c6fa683c

  • SHA512

    2caad2f2a45683475637dc331016be9ac642ea3119f7265d6d76a6994153ce88e14ba9985664231c3e48e0f52f94a6506f90d1ce4ea800dfc7e6e056596955ac

Score
10/10
macro

Malware Config

Targets

    • Target

      666f323aaaeb3ad7c537561f66d74132.xlsm

    • Size

      187KB

    • MD5

      666f323aaaeb3ad7c537561f66d74132

    • SHA1

      478f0bb55cef539818bffde3dc7f3175c29bf2cb

    • SHA256

      7f322b2e240f3dfc09f4be7d9cbc806feb902587fbba27520d4d8641c6fa683c

    • SHA512

      2caad2f2a45683475637dc331016be9ac642ea3119f7265d6d76a6994153ce88e14ba9985664231c3e48e0f52f94a6506f90d1ce4ea800dfc7e6e056596955ac

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks