Overview

overview

10

Static

static

8

06012c700c...a8.doc

windows7_x64

10

06012c700c...a8.doc

windows10_x64

10

Resubmissions

18-11-2021 12:43

211118-px6dkagae7 10

17-11-2021 22:34

211117-2g543sebe5 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    06012c700c1dac4c122303e920fdf1c71c41e681673c241c9698e5766df275a8

  • Size

    140KB

  • Sample

    211118-px6dkagae7

  • MD5

    391dca4cf91ae12aa1b5ac9d0ac3ec41

  • SHA1

    47cfcf587d838f68a8f8df53ea3afae475436992

  • SHA256

    06012c700c1dac4c122303e920fdf1c71c41e681673c241c9698e5766df275a8

  • SHA512

    de299156048c8cb81fe9a5e839442347d118b9de47b353500647a73d4b97f010dcef6d6eb3c7ee9b04874010efd0b9f3b8790f8f9013a47271528eaed1be0c41

Score
10/10
macro

Malware Config

Targets

    • Target

      06012c700c1dac4c122303e920fdf1c71c41e681673c241c9698e5766df275a8

    • Size

      140KB

    • MD5

      391dca4cf91ae12aa1b5ac9d0ac3ec41

    • SHA1

      47cfcf587d838f68a8f8df53ea3afae475436992

    • SHA256

      06012c700c1dac4c122303e920fdf1c71c41e681673c241c9698e5766df275a8

    • SHA512

      de299156048c8cb81fe9a5e839442347d118b9de47b353500647a73d4b97f010dcef6d6eb3c7ee9b04874010efd0b9f3b8790f8f9013a47271528eaed1be0c41

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks