ab56549d2d9404bdbc355fa838159f87f873f297c32423ed6a70ae66f2b48e7a | Triage

Submit
Reports

Overview

overview

Static

static

8

Invoice-98...3.xlsb

windows7_x64

Resubmissions

18-10-2021 17:50

211018-we39tafbbl 10

18-10-2021 17:05

211018-vlt42sdhe2 8

Sharing

General

Target

Invoice-988656991_20211013.xlsb
Size

212KB
Sample

211018-we39tafbbl
MD5

af0ddbd89d5c6a09e3dae43ef990aae1
SHA1

09e8b34e7ea89402fb3d8bc9c22d8ab38b4e864f
SHA256

ab56549d2d9404bdbc355fa838159f87f873f297c32423ed6a70ae66f2b48e7a
SHA512

5b0fb31c24924ba0b3c034654aaefd969d079f78ef63e676c0bb0f0b81df7f75b1a9a39913219372df3a044b5a12dbe967b30888b1dd2dc4a32755f936aedff7

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

Invoice-988656991_20211013.xlsb

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Invoice-988656991_20211013.xlsb
- Size
  
  212KB
- MD5
  
  af0ddbd89d5c6a09e3dae43ef990aae1
- SHA1
  
  09e8b34e7ea89402fb3d8bc9c22d8ab38b4e864f
- SHA256
  
  ab56549d2d9404bdbc355fa838159f87f873f297c32423ed6a70ae66f2b48e7a
- SHA512
  
  5b0fb31c24924ba0b3c034654aaefd969d079f78ef63e676c0bb0f0b81df7f75b1a9a39913219372df3a044b5a12dbe967b30888b1dd2dc4a32755f936aedff7
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy