5b029d35e3b26016449753fa274b30071f7e7857b0f07af97d9d0dfed828e581 | Triage

Submit
Reports

Overview

overview

Static

static

8

Copy 7739588.xlsm

windows7_x64

Copy 7739588.xlsm

windows10_x64

Sharing

General

Target

Copy 7739588.xlsm
Size

201KB
Sample

210311-qarwzg9fwn
MD5

afb5ae0f3a9992fdd329d5353d5faf3d
SHA1

f7900c280982426cf5b69c56500e5c1a3bfa3149
SHA256

5b029d35e3b26016449753fa274b30071f7e7857b0f07af97d9d0dfed828e581
SHA512

8d030af621f5d0370daf98912b69a88f353f8e7e6676a760cf66e6b927aa783dc124f9ad67ef2b103f1a105fe1f4c861ab57971e274072607466ef449c0e8a43

Score

10^/10

macro

Static task

static1

Behavioral task

behavioral1

Sample

Copy 7739588.xlsm

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Copy 7739588.xlsm

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Copy 7739588.xlsm
- Size
  
  201KB
- MD5
  
  afb5ae0f3a9992fdd329d5353d5faf3d
- SHA1
  
  f7900c280982426cf5b69c56500e5c1a3bfa3149
- SHA256
  
  5b029d35e3b26016449753fa274b30071f7e7857b0f07af97d9d0dfed828e581
- SHA512
  
  8d030af621f5d0370daf98912b69a88f353f8e7e6676a760cf66e6b927aa783dc124f9ad67ef2b103f1a105fe1f4c861ab57971e274072607466ef449c0e8a43
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy