Overview

overview

10

Static

static

8

50f3beedad...e.xlsm

windows7_x64

10

50f3beedad...e.xlsm

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    50f3beedad39312761c7078aca103c9126553383925cabcb7ac4b6a2332748fe

  • Size

    117KB

  • Sample

    210721-hc1gt854ee

  • MD5

    f1e1698ef73827e738bf44328e6cc0aa

  • SHA1

    b72cec166a6f2286766e7a2253802f306a6ec0bc

  • SHA256

    50f3beedad39312761c7078aca103c9126553383925cabcb7ac4b6a2332748fe

  • SHA512

    ad968311b1d022b15834d07f17092465c8c4165d9c39649a03568093b6ac4e552848b4ea1e344001a647f56e45024143b25e3f3d9d7af18bb573bc45b445dd36

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      50f3beedad39312761c7078aca103c9126553383925cabcb7ac4b6a2332748fe

    • Size

      117KB

    • MD5

      f1e1698ef73827e738bf44328e6cc0aa

    • SHA1

      b72cec166a6f2286766e7a2253802f306a6ec0bc

    • SHA256

      50f3beedad39312761c7078aca103c9126553383925cabcb7ac4b6a2332748fe

    • SHA512

      ad968311b1d022b15834d07f17092465c8c4165d9c39649a03568093b6ac4e552848b4ea1e344001a647f56e45024143b25e3f3d9d7af18bb573bc45b445dd36

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks