General

  • Target

    Invoice-50038584_20211020.xlsb

  • Size

    167KB

  • Sample

    211021-kdc6fsaad7

  • MD5

    5b3f012ec3213e5ad74a6b6621c0ac11

  • SHA1

    07c224c9720cf9ad19b7923202ef5d4dba95c367

  • SHA256

    8df6b641eb89af06cba81097f8e98a1de5648524fba678d34e5ca849de41d1de

  • SHA512

    ec58bd8401e8a563ceda0e353776266357dc64f4f344df8e4429e54ec3d1b6020fc35f37f0ad127d4ad839741586d2d0c147c60e83f7afff03348108c9949e16

Score
10/10

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2
