Overview

overview

8

Static

static

822_31082021.xlsx

windows7_x64

8

822_31082021.xlsx

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    822_31082021.xlsx

  • Size

    741KB

  • Sample

    210721-a6ghvtlgb6

  • MD5

    a8551ea61cf59fdd81685288040d9353

  • SHA1

    c62cfefbede937d5f04110760bf8588e04500c88

  • SHA256

    1dc30d9d91bde7559051cf046537d0aad4bf1a3dce6db1a8cf7cb95b15cbd86d

  • SHA512

    12fc4608604b40fce7f04db63c620548deea7712e87ab45af4711d587647ac0df0acad678ae8bc3f22e30133d33c72f2d854ed4f68b734128b957d4dda4b0b1a

Score
8/10

Malware Config

Targets

    • Target

      822_31082021.xlsx

    • Size

      741KB

    • MD5

      a8551ea61cf59fdd81685288040d9353

    • SHA1

      c62cfefbede937d5f04110760bf8588e04500c88

    • SHA256

      1dc30d9d91bde7559051cf046537d0aad4bf1a3dce6db1a8cf7cb95b15cbd86d

    • SHA512

      12fc4608604b40fce7f04db63c620548deea7712e87ab45af4711d587647ac0df0acad678ae8bc3f22e30133d33c72f2d854ed4f68b734128b957d4dda4b0b1a

    Score
    8/10

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Exploitation for Client Execution

1
T1203

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks