Overview

overview

10

Static

static

8

societ_1309.xlsb

windows7_x64

1

societ_1309.xlsb

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    societ_1309.xlsb

  • Size

    62KB

  • Sample

    210315-jfktkm6rcj

  • MD5

    155f6276f61c56016e418efaaa88d84d

  • SHA1

    45f7ea1fa45d0669c4e98b8b8b059fe82655de43

  • SHA256

    7cca2add4ceb4d53b7b6ed2ea2ca78544554350a705ffcf90b82327a29f792ce

  • SHA512

    458241a4b6ac601d830f2d86b8280c1913727f4789aab4a611ea5dca866f63241995163ca4d67f22a32f19b08b2cffdb5a43ae3a379ddc195f93980af7f05303

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      societ_1309.xlsb

    • Size

      62KB

    • MD5

      155f6276f61c56016e418efaaa88d84d

    • SHA1

      45f7ea1fa45d0669c4e98b8b8b059fe82655de43

    • SHA256

      7cca2add4ceb4d53b7b6ed2ea2ca78544554350a705ffcf90b82327a29f792ce

    • SHA512

      458241a4b6ac601d830f2d86b8280c1913727f4789aab4a611ea5dca866f63241995163ca4d67f22a32f19b08b2cffdb5a43ae3a379ddc195f93980af7f05303

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks