General

  • Target

    Invoice 7739588.xlsm

  • Size

    208KB

  • Sample

    210313-9sbrgn552x

  • MD5

    18bda253da854f2ee726961804cb1d81

  • SHA1

    681ce3158dafcc760c247753dfa449e38935275c

  • SHA256

    e54e2798f937775cf8e763c8a57ad5401c273bb4dc5893302796937658762e4c

  • SHA512

    844adfec03231c29e36a3eb827a430d058f488cce5fe0c0ad9ba5d74205718d0891eadedd0208cec418ccbe0daace2b205b495bb6128bf06579841e7c94958bb

Score
10/10

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
