Overview

overview

10

Static

static

8

75cf364baa...06.xls

windows7-x64

10

75cf364baa...06.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    75cf364baa43c9be2a20f5ac9bb9f45027a90d3658e438f92102107446556206

  • Size

    92KB

  • Sample

    221121-pdfc2add61

  • MD5

    29d6bbad5fde307cd3e573e4051942f4

  • SHA1

    9368a3b82c7b4ca8f17cb50d48f32edc5bf61683

  • SHA256

    75cf364baa43c9be2a20f5ac9bb9f45027a90d3658e438f92102107446556206

  • SHA512

    d051571106b994881a4df4a7f339f22a929cc470311dd6c144299926ec49fbff6f316be568463806df822af18c448cf10b5796863217611a9b5e16300117539f

  • SSDEEP

    1536:f666O0/KzoFEWVbrzQ7fxPtGoKTkR623vq1Iq9TJtXwbwx:rZWVbrzQ7f5ZKTk9yeqxJtXwc

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      75cf364baa43c9be2a20f5ac9bb9f45027a90d3658e438f92102107446556206

    • Size

      92KB

    • MD5

      29d6bbad5fde307cd3e573e4051942f4

    • SHA1

      9368a3b82c7b4ca8f17cb50d48f32edc5bf61683

    • SHA256

      75cf364baa43c9be2a20f5ac9bb9f45027a90d3658e438f92102107446556206

    • SHA512

      d051571106b994881a4df4a7f339f22a929cc470311dd6c144299926ec49fbff6f316be568463806df822af18c448cf10b5796863217611a9b5e16300117539f

    • SSDEEP

      1536:f666O0/KzoFEWVbrzQ7fxPtGoKTkR623vq1Iq9TJtXwbwx:rZWVbrzQ7f5ZKTk9yeqxJtXwc

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks