Overview

overview

8

Static

static

8

c949ebce8a...c8.xls

windows7-x64

1

c949ebce8a...c8.xls

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c949ebce8a922eebc0656e8ebc645dd0c2f3261cc06c4814ec56bf306dd301c8

  • Size

    43KB

  • Sample

    221124-npaq9aba98

  • MD5

    fbca40e92e52ff486dcee0faed712d68

  • SHA1

    c79567bc78400009afbd0587d293607f0d4248fd

  • SHA256

    c949ebce8a922eebc0656e8ebc645dd0c2f3261cc06c4814ec56bf306dd301c8

  • SHA512

    4b0734b17e8fea46cdf1ea4539fda32e58ad9b96c3d4806d0edba22d61731ab25b726f98b19191010076587c330f113cd9e109a298e0348215d8f99aba1e6da7

  • SSDEEP

    768:xwwwwGFtbhed56MjbqljrOxX2+Z5wq+C7UdI2R2/2ScBECgZI+t3iRiWgwkI:xwwwwGFtbhed56MjbqljrOxX2+Z5wq+n

Score
8/10
macroxlm

Malware Config

Targets

    • Target

      c949ebce8a922eebc0656e8ebc645dd0c2f3261cc06c4814ec56bf306dd301c8

    • Size

      43KB

    • MD5

      fbca40e92e52ff486dcee0faed712d68

    • SHA1

      c79567bc78400009afbd0587d293607f0d4248fd

    • SHA256

      c949ebce8a922eebc0656e8ebc645dd0c2f3261cc06c4814ec56bf306dd301c8

    • SHA512

      4b0734b17e8fea46cdf1ea4539fda32e58ad9b96c3d4806d0edba22d61731ab25b726f98b19191010076587c330f113cd9e109a298e0348215d8f99aba1e6da7

    • SSDEEP

      768:xwwwwGFtbhed56MjbqljrOxX2+Z5wq+C7UdI2R2/2ScBECgZI+t3iRiWgwkI:xwwwwGFtbhed56MjbqljrOxX2+Z5wq+n

    Score
    6/10

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks