Overview

overview

10

Static

static

8

SecuriteIn...0.xlsm

windows7_x64

1

SecuriteIn...0.xlsm

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Heur.2958.19150

  • Size

    163KB

  • Sample

    210422-pnm9w4ncr6

  • MD5

    35bdb83445254ac57d3b471b002dca1a

  • SHA1

    29738a1203c188b3a6d33322e4f7982b0a4e8f66

  • SHA256

    6b06bf3d865e5eddab7920e5b00ffefd032b152557e1e74ac3b262909ee20b3a

  • SHA512

    e059756124faf2cc5ae84b73780e2ead61e206a73465c7345d9b37b60766d3baf756e33fff4270acc17b8e9d5e52c8c13e8bd04b76e1833f966e58a7b829e26c

Score
10/10
macro

Malware Config

Targets

    • Target

      SecuriteInfo.com.Heur.2958.19150

    • Size

      163KB

    • MD5

      35bdb83445254ac57d3b471b002dca1a

    • SHA1

      29738a1203c188b3a6d33322e4f7982b0a4e8f66

    • SHA256

      6b06bf3d865e5eddab7920e5b00ffefd032b152557e1e74ac3b262909ee20b3a

    • SHA512

      e059756124faf2cc5ae84b73780e2ead61e206a73465c7345d9b37b60766d3baf756e33fff4270acc17b8e9d5e52c8c13e8bd04b76e1833f966e58a7b829e26c

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks