Overview

overview

8

Static

static

8

PO_723_057_35.xls

windows7_x64

8

PO_723_057_35.xls

windows10_x64

1

Resubmissions

15-04-2021 14:52

210415-yq44wm2vx6 8

15-04-2021 14:46

210415-pceqx9e4ts 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PO_723_057_35.xls

  • Size

    342KB

  • Sample

    210415-yq44wm2vx6

  • MD5

    f264b8c58febaa3f3eea9a8c83c78cbf

  • SHA1

    36010881f4c3e15878bb3d5e76bc443d82827ebe

  • SHA256

    db66b26d04c77e03bbf22957af34ba2b5817c397036ab8d4b7c222ec1b1ff40e

  • SHA512

    a60be6e617f2704c3dfdc7bcc06e2426f5c52e56da447c92c94e1ce3d118c27b0ef180845557abf3c1d6a63de4f85b93c11eac06bb7bc51c17934406c797f912

Score
8/10
macromacro_on_actionxlm

Malware Config

Targets

    • Target

      PO_723_057_35.xls

    • Size

      342KB

    • MD5

      f264b8c58febaa3f3eea9a8c83c78cbf

    • SHA1

      36010881f4c3e15878bb3d5e76bc443d82827ebe

    • SHA256

      db66b26d04c77e03bbf22957af34ba2b5817c397036ab8d4b7c222ec1b1ff40e

    • SHA512

      a60be6e617f2704c3dfdc7bcc06e2426f5c52e56da447c92c94e1ce3d118c27b0ef180845557abf3c1d6a63de4f85b93c11eac06bb7bc51c17934406c797f912

    Score
    8/10

    • Blocklisted process makes network request

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

        Discovery

        Execution

          Exfiltration

            Impact

              Initial Access

                Lateral Movement

                  Persistence

                    Privilege Escalation

                      Tasks