Overview

overview

10

Static

static

8

2dc726b8aa...3.xlsm

windows7-x64

10

2dc726b8aa...3.xlsm

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2dc726b8aa47616b6315d486dd289ba3

  • Size

    17KB

  • Sample

    221122-1aykzsdb2w

  • MD5

    2dc726b8aa47616b6315d486dd289ba3

  • SHA1

    0823f9ea4079f3c43fd79953bddcaf1a4d939f82

  • SHA256

    4b51506ee5dd8045f193ca519f96505266ce7108897e4ecee134e96bd95f8f54

  • SHA512

    e2401ae3b4e18e857a2330210d153fdbfeb4dcb31ae584b559fe716fac9a58ea98a446d61d9870b2b5a90feb156e9f8da40b6ec5f7f62fba92ded74b92010b75

  • SSDEEP

    384:HeEW2Vk1eKrNHj8f9NdNQQKKEM5CxSMDS2OQxEN7UIFhibbwBHtL:+EW2Vk0MWNMKEMb8TOhAWoXmL

Score
10/10
macro

Malware Config

Targets

    • Target

      2dc726b8aa47616b6315d486dd289ba3

    • Size

      17KB

    • MD5

      2dc726b8aa47616b6315d486dd289ba3

    • SHA1

      0823f9ea4079f3c43fd79953bddcaf1a4d939f82

    • SHA256

      4b51506ee5dd8045f193ca519f96505266ce7108897e4ecee134e96bd95f8f54

    • SHA512

      e2401ae3b4e18e857a2330210d153fdbfeb4dcb31ae584b559fe716fac9a58ea98a446d61d9870b2b5a90feb156e9f8da40b6ec5f7f62fba92ded74b92010b75

    • SSDEEP

      384:HeEW2Vk1eKrNHj8f9NdNQQKKEM5CxSMDS2OQxEN7UIFhibbwBHtL:+EW2Vk0MWNMKEMb8TOhAWoXmL

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks