Overview

overview

10

Static

static

8

be7321f7aa...80.xls

windows7-x64

10

be7321f7aa...80.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    be7321f7aa12f7cab6ac575da316590d1ae5491e5e56ab799adb8209a88dbd80

  • Size

    269KB

  • Sample

    221124-hy369sah6s

  • MD5

    f4b98951db7205593b7fe35f6d8d549e

  • SHA1

    eca681e224989d5009bf71100ecc55927fb153f8

  • SHA256

    be7321f7aa12f7cab6ac575da316590d1ae5491e5e56ab799adb8209a88dbd80

  • SHA512

    25034610d5950a493bd9d220f93247d8a6d9e776815872e351a4023eee7fc8bf3166a786cf1661cb658f360daef112321a7b84dd29711dcf76ccbb204fa66e23

  • SSDEEP

    3072:UXfjOtJhZMeznfKWt6qgToN+l/NPs84mN+fyc6WVbrzYCx7ITkPjeVlEJtXw5Mgl:6cjlDgToN+RNPs8ZNEycuCo06

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      be7321f7aa12f7cab6ac575da316590d1ae5491e5e56ab799adb8209a88dbd80

    • Size

      269KB

    • MD5

      f4b98951db7205593b7fe35f6d8d549e

    • SHA1

      eca681e224989d5009bf71100ecc55927fb153f8

    • SHA256

      be7321f7aa12f7cab6ac575da316590d1ae5491e5e56ab799adb8209a88dbd80

    • SHA512

      25034610d5950a493bd9d220f93247d8a6d9e776815872e351a4023eee7fc8bf3166a786cf1661cb658f360daef112321a7b84dd29711dcf76ccbb204fa66e23

    • SSDEEP

      3072:UXfjOtJhZMeznfKWt6qgToN+l/NPs84mN+fyc6WVbrzYCx7ITkPjeVlEJtXw5Mgl:6cjlDgToN+RNPs8ZNEycuCo06

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks