Overview

overview

10

Static

static

8

8ba088aa66...d8.xls

windows7-x64

10

8ba088aa66...d8.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ba088aa669da0eeb2aad5d0cb9cad173b290a6937c495c2ba5192db91ed87d8

  • Size

    85KB

  • Sample

    221122-1wwnhsae68

  • MD5

    64c1d30a68ecf97fcac48bc4cee3320a

  • SHA1

    3be07460a46e5fda70e1dd1892438cb98620479d

  • SHA256

    8ba088aa669da0eeb2aad5d0cb9cad173b290a6937c495c2ba5192db91ed87d8

  • SHA512

    26a96ce360198173137ac79afe8c34da2cf850d30b1c61a3462bcb12c67dc7217eff1004969a2a0681612d8a2c9a5350455750f3c40163b820009d7693e9bf37

  • SSDEEP

    1536:alJsK0WVbrzQ7ITkU8N67OA23DIhY7nJdJoOd7cJiXwgZ0:YstWVbrzQ7ITkn02AJiXwg0

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      8ba088aa669da0eeb2aad5d0cb9cad173b290a6937c495c2ba5192db91ed87d8

    • Size

      85KB

    • MD5

      64c1d30a68ecf97fcac48bc4cee3320a

    • SHA1

      3be07460a46e5fda70e1dd1892438cb98620479d

    • SHA256

      8ba088aa669da0eeb2aad5d0cb9cad173b290a6937c495c2ba5192db91ed87d8

    • SHA512

      26a96ce360198173137ac79afe8c34da2cf850d30b1c61a3462bcb12c67dc7217eff1004969a2a0681612d8a2c9a5350455750f3c40163b820009d7693e9bf37

    • SSDEEP

      1536:alJsK0WVbrzQ7ITkU8N67OA23DIhY7nJdJoOd7cJiXwgZ0:YstWVbrzQ7ITkn02AJiXwg0

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks