General

  • Target

    ORDER Password 016.xlsb

  • Size

    22KB

  • Sample

    210722-gv96xfnr56

  • MD5

    467cd2162bedb716002e3c092eee5dd9

  • SHA1

    75c1029048796673ac7c2eb594e6470f6efce826

  • SHA256

    0a4bc12bdcd24aabd6cb2711654e17a513f442fec08026387f953d6b1baa3768

  • SHA512

    9ae0086d185e4b3075e008b92b3cecab4ab85d49429796235cbb1cb2584380a8b122746e028a79d846ddbfb76a2778fbdc8bb47d36827c3a53cc126338ef074d

Score
10/10

Malware Config

Targets

    • Target

      ORDER Password 016.xlsb

    • Size

      22KB

    • MD5

      467cd2162bedb716002e3c092eee5dd9

    • SHA1

      75c1029048796673ac7c2eb594e6470f6efce826

    • SHA256

      0a4bc12bdcd24aabd6cb2711654e17a513f442fec08026387f953d6b1baa3768

    • SHA512

      9ae0086d185e4b3075e008b92b3cecab4ab85d49429796235cbb1cb2584380a8b122746e028a79d846ddbfb76a2778fbdc8bb47d36827c3a53cc126338ef074d

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

MITRE ATT&CK Enterprise v6

Tasks