bc6a0298947129748c84a0ad5ea1406a826489729ac79ee5a89fd6176f3483c4 | Triage

Submit
Reports

Overview

overview

Static

static

8

SecuriteIn...0.xlsm

windows7_x64

SecuriteIn...0.xlsm

windows10_x64

Sharing

General

Target

SecuriteInfo.com.VB.Heur.EmoDldr.32.81663039.Gen.10010.7990
Size

207KB
Sample

210310-2e7tesmqhs
MD5

f01bd4e45d3e569d12ec52b344194a1d
SHA1

13c0a12b06327c9e9befee9b73963cc347422644
SHA256

bc6a0298947129748c84a0ad5ea1406a826489729ac79ee5a89fd6176f3483c4
SHA512

5274672d35ea7654b9084102cda57dc2cc9ca174897946a5edd2be4f281bde41b4b5d481f6726e4c02040c0c9ca166a6fe7e74b6f7ecf50fa855d20968ba928e

Score

10^/10

macro

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.VB.Heur.EmoDldr.32.81663039.Gen.10010.7990.xlsm

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.VB.Heur.EmoDldr.32.81663039.Gen.10010.7990.xlsm

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.VB.Heur.EmoDldr.32.81663039.Gen.10010.7990
- Size
  
  207KB
- MD5
  
  f01bd4e45d3e569d12ec52b344194a1d
- SHA1
  
  13c0a12b06327c9e9befee9b73963cc347422644
- SHA256
  
  bc6a0298947129748c84a0ad5ea1406a826489729ac79ee5a89fd6176f3483c4
- SHA512
  
  5274672d35ea7654b9084102cda57dc2cc9ca174897946a5edd2be4f281bde41b4b5d481f6726e4c02040c0c9ca166a6fe7e74b6f7ecf50fa855d20968ba928e
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy