General

  • Target

    catalog-2108006509.zip

  • Size

    50KB

  • Sample

    210513-3vvqmgztfn

  • MD5

    f5df7c1a3c23e92a698705ab35b95fde

  • SHA1

    4ee3c5401e27a1ff4a5f6b8c3ffbfecb76e760dd

  • SHA256

    fa330a94a6b73e2458396e509688752bb02dc85af0e88798e703d2650644c0bf

  • SHA512

    7122af645c2e562666a3af8716d01ee3fbdc133eb732f87d3b06774d51f84527ba1b7c088b18ea50458d919fc58b85e53cc4e06abca86672f46e22764c6229dc

Score
10/10

Malware Config

Targets

    • Target

      catalog-2108006509.xls

    • Size

      367KB

    • MD5

      4f99063e13647ee01483ed6275143f04

    • SHA1

      b025c1c1ba4049342bf5d09bed1f648f993a3245

    • SHA256

      0bdc34a774a349651649e01545e08f8b15593642da389063fcf6f7b9c580fcbd

    • SHA512

      02136a3208f3b5fb432e0978d33d84708d0a741d437b5562ae1cbdcd9ec09c8471c3259cec2d21a3b8430755edc5c1b0c9301108c887432454a30427a6e4af77

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks