Overview

overview

10

Static

static

8

d41092a8d5...86.xls

windows7-x64

10

d41092a8d5...86.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d41092a8d5a00957e4a5f5c33322a079b8092ce62c372ea5743c9b035e2e1386

  • Size

    87KB

  • Sample

    221124-j2ajssde6w

  • MD5

    2467ef25529dccaec9c196e1f8124f7d

  • SHA1

    9a686190a1d3f1ef347ac5c66a43ef3a8bd94614

  • SHA256

    d41092a8d5a00957e4a5f5c33322a079b8092ce62c372ea5743c9b035e2e1386

  • SHA512

    1f8aab6b1435c311d8db19576b1f2248fa003c52ad87e4b4f8d307961b10fe181a6c65b8bf118bb8dc6c2f9abd884af18908469c413ed422fa53d0ab18acf447

  • SSDEEP

    1536:FIljUj4HMlJS2jcc0lbxOvTgZZ4cY7nJdFoOGIWWt2XeouG6:SHt2jcc0lbxOrDpEOZG6

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      d41092a8d5a00957e4a5f5c33322a079b8092ce62c372ea5743c9b035e2e1386

    • Size

      87KB

    • MD5

      2467ef25529dccaec9c196e1f8124f7d

    • SHA1

      9a686190a1d3f1ef347ac5c66a43ef3a8bd94614

    • SHA256

      d41092a8d5a00957e4a5f5c33322a079b8092ce62c372ea5743c9b035e2e1386

    • SHA512

      1f8aab6b1435c311d8db19576b1f2248fa003c52ad87e4b4f8d307961b10fe181a6c65b8bf118bb8dc6c2f9abd884af18908469c413ed422fa53d0ab18acf447

    • SSDEEP

      1536:FIljUj4HMlJS2jcc0lbxOvTgZZ4cY7nJdFoOGIWWt2XeouG6:SHt2jcc0lbxOrDpEOZG6

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks