8bdcc1592ffaee9154ed4331a44fa52af3b2baebbd4ef71840adc73b38635d9e | Triage

Submit
Reports

Overview

overview

Static

static

8

Invoice #035.xlsm

windows7_x64

1

Invoice #035.xlsm

windows10_x64

Sharing

General

Target

Invoice #035.xlsm
Size

155KB
Sample

210421-e9v4v59jyn
MD5

77f482d7c33d70474d451cf2546f4b4f
SHA1

9ef86f2a8171e50ec5734886d895885280e029d8
SHA256

8bdcc1592ffaee9154ed4331a44fa52af3b2baebbd4ef71840adc73b38635d9e
SHA512

f656c8f2a14ddb066469f20ab5303f5a0ec18d17648e67a59fde4902dc923f5a70fe4cc4964251a705275e98073df76821ec6e3ee8d93982fb86ec71a698404a

Score

10^/10

evasion macro trojan

Static task

static1

Behavioral task

behavioral1

Sample

Invoice #035.xlsm

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Invoice #035.xlsm

Resource

win10v20210410

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Invoice #035.xlsm
- Size
  
  155KB
- MD5
  
  77f482d7c33d70474d451cf2546f4b4f
- SHA1
  
  9ef86f2a8171e50ec5734886d895885280e029d8
- SHA256
  
  8bdcc1592ffaee9154ed4331a44fa52af3b2baebbd4ef71840adc73b38635d9e
- SHA512
  
  f656c8f2a14ddb066469f20ab5303f5a0ec18d17648e67a59fde4902dc923f5a70fe4cc4964251a705275e98073df76821ec6e3ee8d93982fb86ec71a698404a
Score

10^/10

evasion trojan
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy