Overview

overview

10

Static

static

8

Invoice-64...3.xlsb

windows7_x64

10

Invoice-64...3.xlsb

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Invoice-64145512_20211013.xlsb

  • Size

    269KB

  • Sample

    211014-rgzbeshfg9

  • MD5

    4e6d8b34d4441d66984a1b4fa51fe561

  • SHA1

    a991079981a98f9cf3ceba151ce56d39fa522b5d

  • SHA256

    6a5cd724baaebc19773830980de192cfa10e9d921469153399e656fbdd0ff972

  • SHA512

    a934d862c117c7010b17473fe6c9d71824f43a95fe48e7bf93ce5505142a8dd29b5aacc9dc75bf7257571e494ae6b39e6ec399f9efa0e9dbb99722bcaa080804

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      Invoice-64145512_20211013.xlsb

    • Size

      269KB

    • MD5

      4e6d8b34d4441d66984a1b4fa51fe561

    • SHA1

      a991079981a98f9cf3ceba151ce56d39fa522b5d

    • SHA256

      6a5cd724baaebc19773830980de192cfa10e9d921469153399e656fbdd0ff972

    • SHA512

      a934d862c117c7010b17473fe6c9d71824f43a95fe48e7bf93ce5505142a8dd29b5aacc9dc75bf7257571e494ae6b39e6ec399f9efa0e9dbb99722bcaa080804

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks