Overview

overview

10

Static

static

8

9d6ca7d8cc...bf.xls

windows7-x64

10

9d6ca7d8cc...bf.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9d6ca7d8cce7485c89081606e4155e1e57c9d0dfeb0c6f7430c3b0d246c81dbf

  • Size

    105KB

  • Sample

    221121-pddjfahg22

  • MD5

    1260cf813e56666f5fc5dea49e378150

  • SHA1

    2715dfe2ec5c0e206ed4e7759b7fc2c691918710

  • SHA256

    9d6ca7d8cce7485c89081606e4155e1e57c9d0dfeb0c6f7430c3b0d246c81dbf

  • SHA512

    e071175f2ddae5492a60a89a5d4577c894cb9add044dfd192cbf1f2e8425e873ca5d387715f8c24336077e56e262ff86ea7034bbc6bec181f0edbc5f2a533eea

  • SSDEEP

    1536:wOOOMKKuOvzLal6yErOaJgpKmBZ958js1aWVbrzQ7IJukiD2YQ1UcJtXw+60lOTY:5SWVbrzQ7IIkD7XJtXwf

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      9d6ca7d8cce7485c89081606e4155e1e57c9d0dfeb0c6f7430c3b0d246c81dbf

    • Size

      105KB

    • MD5

      1260cf813e56666f5fc5dea49e378150

    • SHA1

      2715dfe2ec5c0e206ed4e7759b7fc2c691918710

    • SHA256

      9d6ca7d8cce7485c89081606e4155e1e57c9d0dfeb0c6f7430c3b0d246c81dbf

    • SHA512

      e071175f2ddae5492a60a89a5d4577c894cb9add044dfd192cbf1f2e8425e873ca5d387715f8c24336077e56e262ff86ea7034bbc6bec181f0edbc5f2a533eea

    • SSDEEP

      1536:wOOOMKKuOvzLal6yErOaJgpKmBZ958js1aWVbrzQ7IJukiD2YQ1UcJtXw+60lOTY:5SWVbrzQ7IIkD7XJtXwf

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks