Overview

overview

10

Static

static

8

c02f28f236...ac.xls

windows7-x64

10

c02f28f236...ac.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c02f28f236ecfee62ecdba6bb1be7d5cd8ea68d7cdcf0e4ec661db30206316ac

  • Size

    107KB

  • Sample

    221119-31p3msgc25

  • MD5

    47eb9fcd708d4863d2fce6b1ead80570

  • SHA1

    cab8394d3c9f3f564095bbf8e35b41f964135bef

  • SHA256

    c02f28f236ecfee62ecdba6bb1be7d5cd8ea68d7cdcf0e4ec661db30206316ac

  • SHA512

    462c2088c5ac5eb8bbbf8f45f279af91a0bf3d834114a4d45d68d096c3220575c8f11f8b6c26376532820699013bbad3ac8e00842cdb2774844ee07ecacf0a65

  • SSDEEP

    3072:1XlU33sDOCkkQYWVbrzQ7ITK3sXJtXwAW:1XlnDOCkxX

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      c02f28f236ecfee62ecdba6bb1be7d5cd8ea68d7cdcf0e4ec661db30206316ac

    • Size

      107KB

    • MD5

      47eb9fcd708d4863d2fce6b1ead80570

    • SHA1

      cab8394d3c9f3f564095bbf8e35b41f964135bef

    • SHA256

      c02f28f236ecfee62ecdba6bb1be7d5cd8ea68d7cdcf0e4ec661db30206316ac

    • SHA512

      462c2088c5ac5eb8bbbf8f45f279af91a0bf3d834114a4d45d68d096c3220575c8f11f8b6c26376532820699013bbad3ac8e00842cdb2774844ee07ecacf0a65

    • SSDEEP

      3072:1XlU33sDOCkkQYWVbrzQ7ITK3sXJtXwAW:1XlnDOCkxX

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks