Overview

overview

10

Static

static

8

afc70bb7ed...48.xls

windows7-x64

10

afc70bb7ed...48.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    afc70bb7edf0dfe13fe120e7c04301af2b90e1d6fb11fac69ddbe6f000d66148

  • Size

    150KB

  • Sample

    221121-pdcxxadd6x

  • MD5

    3d0c6cdebd74c4e6d08e526da9bc8770

  • SHA1

    898a89296fce8c5a0651c33615beffef972e2edc

  • SHA256

    afc70bb7edf0dfe13fe120e7c04301af2b90e1d6fb11fac69ddbe6f000d66148

  • SHA512

    4cd44354ffaee044243806094754768f8562d3e6af1ce5fb7944b342f000e8bc5241b8e75c521ebc0759e37642b90251a79f4b3a22db7b596acd73741c250ef2

  • SSDEEP

    3072:5uy2otZwgUd1GI7gbjVoc+7Pi+UEgdrWVbrzQ7dTkDv2JtXwRcekq:8y2otZ61GIiVoc+RUL

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      afc70bb7edf0dfe13fe120e7c04301af2b90e1d6fb11fac69ddbe6f000d66148

    • Size

      150KB

    • MD5

      3d0c6cdebd74c4e6d08e526da9bc8770

    • SHA1

      898a89296fce8c5a0651c33615beffef972e2edc

    • SHA256

      afc70bb7edf0dfe13fe120e7c04301af2b90e1d6fb11fac69ddbe6f000d66148

    • SHA512

      4cd44354ffaee044243806094754768f8562d3e6af1ce5fb7944b342f000e8bc5241b8e75c521ebc0759e37642b90251a79f4b3a22db7b596acd73741c250ef2

    • SSDEEP

      3072:5uy2otZwgUd1GI7gbjVoc+7Pi+UEgdrWVbrzQ7dTkDv2JtXwRcekq:8y2otZ61GIiVoc+RUL

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks