Overview

overview

10

Static

static

8

e9fb46084e...0c.xls

windows7-x64

10

e9fb46084e...0c.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e9fb46084e1431aebf7bb7d731c5c3c74d7edd253f5db8742208c360fec43a0c

  • Size

    134KB

  • Sample

    221123-ymqd2aae82

  • MD5

    7e98bfa4e6f15977eaf2d3f5e676487f

  • SHA1

    d630784420e295152b4527d59a1eea0cdeeb2b28

  • SHA256

    e9fb46084e1431aebf7bb7d731c5c3c74d7edd253f5db8742208c360fec43a0c

  • SHA512

    4c4c2ea6793b4dc461941467a06c720acfaf17bcfa8483840dd45596f5ffc1f946eae2bdeb7325b4d45cb4e10a967060b2eb9d64ec0c66fc5147db4e0c77fb2a

  • SSDEEP

    3072:o4uIpU0/XL8nWVAAvArzQ7ITkDQM25kWU6vQLw6Jc:3/XL8RAej4M

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      e9fb46084e1431aebf7bb7d731c5c3c74d7edd253f5db8742208c360fec43a0c

    • Size

      134KB

    • MD5

      7e98bfa4e6f15977eaf2d3f5e676487f

    • SHA1

      d630784420e295152b4527d59a1eea0cdeeb2b28

    • SHA256

      e9fb46084e1431aebf7bb7d731c5c3c74d7edd253f5db8742208c360fec43a0c

    • SHA512

      4c4c2ea6793b4dc461941467a06c720acfaf17bcfa8483840dd45596f5ffc1f946eae2bdeb7325b4d45cb4e10a967060b2eb9d64ec0c66fc5147db4e0c77fb2a

    • SSDEEP

      3072:o4uIpU0/XL8nWVAAvArzQ7ITkDQM25kWU6vQLw6Jc:3/XL8RAej4M

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks