General

  • Target

    Copy of Invoice 7739588.xlsm

  • Size

    396KB

  • Sample

    210311-1q27lchlcn

  • MD5

    0ebd66296b64dd6c70e7ed59d8736886

  • SHA1

    20958d81ce924d8ed14e93078b5f661ee85cb263

  • SHA256

    1475636af6d42e5dc6fd8ac8e5a9850dcb6c0f041260dc6dfa705937db677799

  • SHA512

    49365bb54a02e58f0eb1ae9bfc6a020d2a4161ba2d34b350b45b55b985a4836b8756f0da1c880a51f872a18187840c9df5ed201993133c4134924558ab3136dd

Score
10/10

Malware Config

Targets

    • Target

      Copy of Invoice 7739588.xlsm

    • Size

      396KB

    • MD5

      0ebd66296b64dd6c70e7ed59d8736886

    • SHA1

      20958d81ce924d8ed14e93078b5f661ee85cb263

    • SHA256

      1475636af6d42e5dc6fd8ac8e5a9850dcb6c0f041260dc6dfa705937db677799

    • SHA512

      49365bb54a02e58f0eb1ae9bfc6a020d2a4161ba2d34b350b45b55b985a4836b8756f0da1c880a51f872a18187840c9df5ed201993133c4134924558ab3136dd

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

MITRE ATT&CK Enterprise v6

Tasks