General

  • Target

    Invoice 44WG.xlsb

  • Size

    249KB

  • Sample

    211014-r36ydsaehp

  • MD5

    c35296bd615bb0260ec444fb6917c2d7

  • SHA1

    f2db011b1642bbc44ad53b45b1bb73ce3568334e

  • SHA256

    87086d5ad9c8a0ddc1bb7f656d6002299bec033daa098899c91c258e3f310359

  • SHA512

    da1ad8f57ae979869f01afc44cae6e86762b3f300ca9f8713508f5b9fd2164518f18bf8c2200e98c6660c73072aa9c50628fc4de0b82e994fd06f9dc66d231d3

Score
10/10

Malware Config

Targets

    • Target

      Invoice 44WG.xlsb

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 2

    System Information Discovery (T1082): 2

Tasks