Overview

overview

10

Static

static

8

2cdd77f5b0...1b.xls

windows7-x64

10

2cdd77f5b0...1b.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2cdd77f5b0315c629a12ae45d18d6868141b5182bb3d665fe8a5a378656ede1b

  • Size

    82KB

  • Sample

    221118-23s2msga91

  • MD5

    261e9906ba6d2964284bb4d5bfab992f

  • SHA1

    b45bdf2dfcd8f29d344f4481cb8e56ba65f875e7

  • SHA256

    2cdd77f5b0315c629a12ae45d18d6868141b5182bb3d665fe8a5a378656ede1b

  • SHA512

    8892b2c18ece80fa35c3d284882232b2680a2c9d99c1fe0a9b3d1bb4b125c2285382dc9dccd5999eec7fa284a27e1007222f7477413d4c6ed87d2100694b135e

  • SSDEEP

    1536:e3333TC+LUAIMAN2jcc0lbxOqTgZEM88ScJtX+3p+EA:T52jcc0lbxOKQjhJtX+AEA

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      2cdd77f5b0315c629a12ae45d18d6868141b5182bb3d665fe8a5a378656ede1b

    • Size

      82KB

    • MD5

      261e9906ba6d2964284bb4d5bfab992f

    • SHA1

      b45bdf2dfcd8f29d344f4481cb8e56ba65f875e7

    • SHA256

      2cdd77f5b0315c629a12ae45d18d6868141b5182bb3d665fe8a5a378656ede1b

    • SHA512

      8892b2c18ece80fa35c3d284882232b2680a2c9d99c1fe0a9b3d1bb4b125c2285382dc9dccd5999eec7fa284a27e1007222f7477413d4c6ed87d2100694b135e

    • SSDEEP

      1536:e3333TC+LUAIMAN2jcc0lbxOqTgZEM88ScJtX+3p+EA:T52jcc0lbxOKQjhJtX+AEA

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks