Overview

overview

8

Static

static

HL-5726980...R.xlsx

windows7_x64

8

HL-5726980...R.xlsx

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    HL-57269806 TRMER.xlsx

  • Size

    2.3MB

  • Sample

    210408-hlpz8qlyzx

  • MD5

    84c226b57ceb63a7769aa0d5b6615c10

  • SHA1

    20c0cee880522292bc78707a035d091b7c654e57

  • SHA256

    7128ac89b5136d7e186c8f112c3f098a4464ea721de9314bdb6d26ecfe4e6ac2

  • SHA512

    7099ccac8e22ad16bb130ba9ee14f85bebaf54235c498fc452f4b7c053c89b28c131f99a1ce7848acbff5e14c04212982e65cf6a2bffe7d007124eb0b56433f2

Score
8/10

Malware Config

Targets

    • Target

      HL-57269806 TRMER.xlsx

    • Size

      2.3MB

    • MD5

      84c226b57ceb63a7769aa0d5b6615c10

    • SHA1

      20c0cee880522292bc78707a035d091b7c654e57

    • SHA256

      7128ac89b5136d7e186c8f112c3f098a4464ea721de9314bdb6d26ecfe4e6ac2

    • SHA512

      7099ccac8e22ad16bb130ba9ee14f85bebaf54235c498fc452f4b7c053c89b28c131f99a1ce7848acbff5e14c04212982e65cf6a2bffe7d007124eb0b56433f2

    Score
    8/10

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Exploitation for Client Execution

1
T1203

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks