Overview

overview

10

Static

static

8

28e9aea8a6...ee.xls

windows7-x64

10

28e9aea8a6...ee.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    28e9aea8a6e2ecf48553dd393c27c6f36cd6eed1b91efa851ebb5a98481f00ee

  • Size

    272KB

  • Sample

    221119-31xgqabd9v

  • MD5

    418a4cbd2e966ecc2401fa9189273f10

  • SHA1

    8d666af8493e3a12a42bedb1493daaf8ddce7465

  • SHA256

    28e9aea8a6e2ecf48553dd393c27c6f36cd6eed1b91efa851ebb5a98481f00ee

  • SHA512

    99d6736af7ec68bd1fdcd4b25ff77649a658d4499b44d8350dff50652460c2b910a2cae1a76f4d9096e19a5d3b05a8ad53f6cd601b01f70376362b3064536f77

  • SSDEEP

    3072:2pUKFq9XO3Jmh1lfnoQF2jcc0lbxOKboJtXw8aBU:NBXO2Ob

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      28e9aea8a6e2ecf48553dd393c27c6f36cd6eed1b91efa851ebb5a98481f00ee

    • Size

      272KB

    • MD5

      418a4cbd2e966ecc2401fa9189273f10

    • SHA1

      8d666af8493e3a12a42bedb1493daaf8ddce7465

    • SHA256

      28e9aea8a6e2ecf48553dd393c27c6f36cd6eed1b91efa851ebb5a98481f00ee

    • SHA512

      99d6736af7ec68bd1fdcd4b25ff77649a658d4499b44d8350dff50652460c2b910a2cae1a76f4d9096e19a5d3b05a8ad53f6cd601b01f70376362b3064536f77

    • SSDEEP

      3072:2pUKFq9XO3Jmh1lfnoQF2jcc0lbxOKboJtXw8aBU:NBXO2Ob

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks