Overview

overview

10

Static

static

8

90a8ed6294...5d.xls

windows7-x64

10

90a8ed6294...5d.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    90a8ed62942b48191d73188e9e8baff46077de97b69fecc17dbf6e964e77525d

  • Size

    225KB

  • Sample

    221124-hvs7wsaf6w

  • MD5

    d95513314d289d81ac50d472e72c4c4d

  • SHA1

    877d9e12bb469e6b52220c6b26bad85337b3d68a

  • SHA256

    90a8ed62942b48191d73188e9e8baff46077de97b69fecc17dbf6e964e77525d

  • SHA512

    dfb76f9fcd851ab912dcd5d17838760b7b8540cd2baf45be4cd5d23c07a4c8be2beab71a4a801f917ecd548dd85b54697d6cb63ab274ceacbaa137971224d034

  • SSDEEP

    3072:1YjPEOOPTguRLMZBcSOhAA/MCXxl+ZWVbihlzQ7ITk9I03L3FoJLXwN5kBNb:RAZ2SO2YMCXqdS3L3Y

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      90a8ed62942b48191d73188e9e8baff46077de97b69fecc17dbf6e964e77525d

    • Size

      225KB

    • MD5

      d95513314d289d81ac50d472e72c4c4d

    • SHA1

      877d9e12bb469e6b52220c6b26bad85337b3d68a

    • SHA256

      90a8ed62942b48191d73188e9e8baff46077de97b69fecc17dbf6e964e77525d

    • SHA512

      dfb76f9fcd851ab912dcd5d17838760b7b8540cd2baf45be4cd5d23c07a4c8be2beab71a4a801f917ecd548dd85b54697d6cb63ab274ceacbaa137971224d034

    • SSDEEP

      3072:1YjPEOOPTguRLMZBcSOhAA/MCXxl+ZWVbihlzQ7ITk9I03L3FoJLXwN5kBNb:RAZ2SO2YMCXqdS3L3Y

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks