Overview

overview

10

Static

static

8

5ccc282dc5...de.xls

windows7-x64

10

5ccc282dc5...de.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5ccc282dc59d4b5b35ad270c967c4b2d92f325b5b6df3f30520269f9c55176de

  • Size

    826KB

  • Sample

    221125-k4cbvaag3v

  • MD5

    2b0f3b1eccc31b722d19b898bfed7500

  • SHA1

    a6caf9f3be96a03c960091fcc43c6a1131fef0ac

  • SHA256

    5ccc282dc59d4b5b35ad270c967c4b2d92f325b5b6df3f30520269f9c55176de

  • SHA512

    3cfb7c8d1ca94f97d17beb635da6dd53ec6326f2e05f04120c7e6ff5ec5a7bea808116e48fda3f2c8a29187cbecb4772c091ea656b444a3896ab5e310ca1f98a

  • SSDEEP

    6144:5k3hOdsylKlgryzc4bNhZF+E+W2kQCAH8SD4HW44KwACfnVIGI70:tCCD

Score
10/10
macro

Malware Config

Targets

    • Target

      5ccc282dc59d4b5b35ad270c967c4b2d92f325b5b6df3f30520269f9c55176de

    • Size

      826KB

    • MD5

      2b0f3b1eccc31b722d19b898bfed7500

    • SHA1

      a6caf9f3be96a03c960091fcc43c6a1131fef0ac

    • SHA256

      5ccc282dc59d4b5b35ad270c967c4b2d92f325b5b6df3f30520269f9c55176de

    • SHA512

      3cfb7c8d1ca94f97d17beb635da6dd53ec6326f2e05f04120c7e6ff5ec5a7bea808116e48fda3f2c8a29187cbecb4772c091ea656b444a3896ab5e310ca1f98a

    • SSDEEP

      6144:5k3hOdsylKlgryzc4bNhZF+E+W2kQCAH8SD4HW44KwACfnVIGI70:tCCD

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

2
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks