Overview

overview

10

Static

static

8

df4710eafb...d.xlsm

windows7_x64

10

df4710eafb...d.xlsm

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    df4710eafb4aefe31ca783ee7ecd666726872ab820983a855498d8d6ba94967d

  • Size

    20KB

  • Sample

    210926-v7kshafbg6

  • MD5

    3aa5372c22d6d5282a1484cf12a37e6a

  • SHA1

    b20c87c0ee0409b651ff9751204969b0fc61996d

  • SHA256

    df4710eafb4aefe31ca783ee7ecd666726872ab820983a855498d8d6ba94967d

  • SHA512

    0c6e6cc2a7160c53ef2289bde938001e277e27d1cfe17621d42b00ad83ac3b6c37f1b1c5a6107d1e90c0577a46074f0789a26e39e0d10ca586b62de8704249d6

Score
10/10
macro

Malware Config

Targets

    • Target

      df4710eafb4aefe31ca783ee7ecd666726872ab820983a855498d8d6ba94967d

    • Size

      20KB

    • MD5

      3aa5372c22d6d5282a1484cf12a37e6a

    • SHA1

      b20c87c0ee0409b651ff9751204969b0fc61996d

    • SHA256

      df4710eafb4aefe31ca783ee7ecd666726872ab820983a855498d8d6ba94967d

    • SHA512

      0c6e6cc2a7160c53ef2289bde938001e277e27d1cfe17621d42b00ad83ac3b6c37f1b1c5a6107d1e90c0577a46074f0789a26e39e0d10ca586b62de8704249d6

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks