9383aec21bbb29baf9ab765a143a5f50afbdc0cdc106a1566f66a9320464610a | Triage

Sharing

General

Target

9383aec21bbb29baf9ab765a143a5f50afbdc0cdc106a1566f66a9320464610a
Size

151KB
Sample

221124-fw7qkabc98
MD5

dee621fff534b59bb68730e3d1fe3b38
SHA1

59735c27f9cbf65bb4593497e968daae0c397b9c
SHA256

9383aec21bbb29baf9ab765a143a5f50afbdc0cdc106a1566f66a9320464610a
SHA512

b4af232006564337da0963cb430eb29cf300eeccecd7cc53100b3bf3354a030d59afa337ebe1a5b320a5f36610d58b4401127887777075c3f623bbc5503cbdd0
SSDEEP

3072:Xi9EFgGeso7HECSEcGFsbbWP/0sft62oyFE90gpyZ:XiWgGeso7HECSEgbqP8sl6XyFUk

Score

10^/10

macro xlm

Malware Config

Targets

- Target
  
  ͨ2014ҵҵʿܱ.xls
- Size
  
  211KB
- MD5
  
  e63ab2c9512dc3c9b7c9c28491a724df
- SHA1
  
  254eb5e98bdd01c3dfba360297bc0c43a9945ca4
- SHA256
  
  a98923840dd7e2ed8517a6801db2e3f0055fc8989a552ec4c3a481a9b829e37e
- SHA512
  
  5cc54956bf722fc28315752b1b706aa92d50262b6dc94edae5f303fb5c68c25ad482b2c667f1f91946c9fe34973f2b654410648f084aaffa7d63e9475237b56e
- SSDEEP
  
  3072:eyhupeBXN0SK+1iBvM81KQigOqbk6Bqly32jcc0lbxOKE/MJtXwMwdF:xUZ7c04gO9avw
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Deletes itself
behavioral1 behavioral2
- Target
  
  ͨ2014ȫнҵҵʿ˹ͨ.pdf
- Size
  
  93KB
- MD5
  
  20cec56169b6a2d0c0bceb1360a56ff8
- SHA1
  
  3615a925b60ba878751ad00bf47c935a1765d176
- SHA256
  
  fb55f5f0ee493fa023c7582b8590e0e05188d097dbceb87311c22d3c11d01b0f
- SHA512
  
  0c15e3a790e11bca7e278ecfb19e15fbb4ed22f319f306ccd1a10f66b3b9ed90f981030e5f94accd26f56a4302dcc6981506e0667548a0c893fef714367f0cb9
- SSDEEP
  
  1536:KbfICAApNoz7YeCE1KwAtPuE0WfF6+BNWIFESS0k5yneksb:fGpreCE1CPHfF62oIFE90k5ieksb
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4