General

  • Target

    Invoice-668580135_20211021.xlsb

  • Size

    239KB

  • Sample

    211021-tr7fwsaed6

  • MD5

    18d1fbeb8874dbc9c9598f60058df872

  • SHA1

    5670de04f15fa1311fd2d2cdece27df8ea122878

  • SHA256

    acc369b7cf5fac37865d8fe1342480277f4343982e1cdfcf795a4a171476afac

  • SHA512

    6e486d86aa5a01abe650e9ca37a68e31f33196afcf19a9e519a04105583c4cec6391715f814dbbd593cf0968ccfed7fef1614a36173f59a574180c38c530829f

Score
10/10

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 2

    System Information Discovery (T1082): 2
