Overview

overview

10

Static

static

8

c965880f0e...d7.xls

windows7-x64

10

c965880f0e...d7.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c965880f0e964f46df8c423a22d1ccb32c72d214d6421a0798d9938887f2b5d7

  • Size

    91KB

  • Sample

    221121-pdcbdahf99

  • MD5

    2032497ae5106a50beb3e5b39dab2f70

  • SHA1

    7b3ee17bc16eb17918b83c2516f200121564b3ae

  • SHA256

    c965880f0e964f46df8c423a22d1ccb32c72d214d6421a0798d9938887f2b5d7

  • SHA512

    4fdb9d1d70481bd56157d200f4e9acbc53c969218745ed7ca89ca23b381bae9fc3501a813dbb6666ab5ced4b85d9234c72b6ca997f96de839a7699f8556e1c07

  • SSDEEP

    1536:XCCCmeO2o6s2jcc0lbxOe62AZiM88ScJTXwWQgtY:V2jcc0lbxOOujhJTXw8

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      c965880f0e964f46df8c423a22d1ccb32c72d214d6421a0798d9938887f2b5d7

    • Size

      91KB

    • MD5

      2032497ae5106a50beb3e5b39dab2f70

    • SHA1

      7b3ee17bc16eb17918b83c2516f200121564b3ae

    • SHA256

      c965880f0e964f46df8c423a22d1ccb32c72d214d6421a0798d9938887f2b5d7

    • SHA512

      4fdb9d1d70481bd56157d200f4e9acbc53c969218745ed7ca89ca23b381bae9fc3501a813dbb6666ab5ced4b85d9234c72b6ca997f96de839a7699f8556e1c07

    • SSDEEP

      1536:XCCCmeO2o6s2jcc0lbxOe62AZiM88ScJTXwWQgtY:V2jcc0lbxOOujhJTXw8

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks