Overview

overview

10

Static

static

8

120 seconds - Win. 10

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    case_3.xls

  • Size

    124KB

  • Sample

    210312-xwg6vwc836

  • MD5

    87fc72adcb395eb083e076dc1cfa20c7

  • SHA1

    67ac98ed09742ddb0a1ab68fc590c73cb2f79b1b

  • SHA256

    b7d4f66a98e928dfb18d41021e5ad11043a3fc473c794edf481e8aa8c7cc9255

  • SHA512

    1c504f48b22129c88c4e7614e6773de2b12cfdddda3dad6acffafa04fedf5b1e7bf324c499249b2405d70e4477e42c9c4c014147ac313c8d17332980bba3573c

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      case_3.xls

    • Size

      124KB

    • MD5

      87fc72adcb395eb083e076dc1cfa20c7

    • SHA1

      67ac98ed09742ddb0a1ab68fc590c73cb2f79b1b

    • SHA256

      b7d4f66a98e928dfb18d41021e5ad11043a3fc473c794edf481e8aa8c7cc9255

    • SHA512

      1c504f48b22129c88c4e7614e6773de2b12cfdddda3dad6acffafa04fedf5b1e7bf324c499249b2405d70e4477e42c9c4c014147ac313c8d17332980bba3573c

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks