Overview

overview

10

Static

static

8

631389af97...11.xls

windows7-x64

10

631389af97...11.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    631389af97a34f6fba809dcda9726b1d3d38c84e5f0331f7a77ee1fd6aefe511

  • Size

    98KB

  • Sample

    221123-yzdk1aee4s

  • MD5

    41ee80a713fd665759d87574a33f600a

  • SHA1

    266e5c6b467ef03d98d5c991f44f659a6b817289

  • SHA256

    631389af97a34f6fba809dcda9726b1d3d38c84e5f0331f7a77ee1fd6aefe511

  • SHA512

    2764ba91209441ba9dcd323391bfaed828b8b143201a0adb2968b4a23b8bb16cb6af73fdb50437724be4edae0341d5464dbb34f3d1b4b186db1ffbdc529ea50c

  • SSDEEP

    1536:hP6meXHjjdFs2jcc0lbxOvTgYIsY7nJdMcOu4/WwF1yjm:oHQ2jcc0lbxOr64BCm

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      631389af97a34f6fba809dcda9726b1d3d38c84e5f0331f7a77ee1fd6aefe511

    • Size

      98KB

    • MD5

      41ee80a713fd665759d87574a33f600a

    • SHA1

      266e5c6b467ef03d98d5c991f44f659a6b817289

    • SHA256

      631389af97a34f6fba809dcda9726b1d3d38c84e5f0331f7a77ee1fd6aefe511

    • SHA512

      2764ba91209441ba9dcd323391bfaed828b8b143201a0adb2968b4a23b8bb16cb6af73fdb50437724be4edae0341d5464dbb34f3d1b4b186db1ffbdc529ea50c

    • SSDEEP

      1536:hP6meXHjjdFs2jcc0lbxOvTgYIsY7nJdMcOu4/WwF1yjm:oHQ2jcc0lbxOr64BCm

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks