Overview

overview

10

Static

static

8

1b69d146c7...ae.xls

windows7-x64

10

1b69d146c7...ae.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1b69d146c7dd72366916077c7762216f0cb9471f7340d4798cf63f23decf53ae

  • Size

    80KB

  • Sample

    221121-pdjepahg25

  • MD5

    3902b3a08f55d5c5bd09c6bdce56e410

  • SHA1

    ae19521054f7f35590cf4e1589e5a4a76b43b5bf

  • SHA256

    1b69d146c7dd72366916077c7762216f0cb9471f7340d4798cf63f23decf53ae

  • SHA512

    1a14c3d4705d8c08a4b34558a926e0a4bc34c47c84f3f1ea46083398fe4a8348f9a8d8e1856be4343a5267ae03173072cfd6f765c92d3f28ebe842d26ddfc85b

  • SSDEEP

    1536:B8Suii1W1+aRhJ2jcc0lbxOvTgB4sY7nJdMcOu4/WwF1vnh:2Yr2jcc0lbxOrR4B/h

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      1b69d146c7dd72366916077c7762216f0cb9471f7340d4798cf63f23decf53ae

    • Size

      80KB

    • MD5

      3902b3a08f55d5c5bd09c6bdce56e410

    • SHA1

      ae19521054f7f35590cf4e1589e5a4a76b43b5bf

    • SHA256

      1b69d146c7dd72366916077c7762216f0cb9471f7340d4798cf63f23decf53ae

    • SHA512

      1a14c3d4705d8c08a4b34558a926e0a4bc34c47c84f3f1ea46083398fe4a8348f9a8d8e1856be4343a5267ae03173072cfd6f765c92d3f28ebe842d26ddfc85b

    • SSDEEP

      1536:B8Suii1W1+aRhJ2jcc0lbxOvTgB4sY7nJdMcOu4/WwF1vnh:2Yr2jcc0lbxOrR4B/h

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks