Overview

overview

10

Static

static

8

30f877eb2f...2d.xls

windows7-x64

10

30f877eb2f...2d.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    30f877eb2f3950fe05f528d66f387daa917cc2d0f8fc105d6710675be45f4c2d

  • Size

    826KB

  • Sample

    221125-kjp27sea86

  • MD5

    a671505fb0d646f3ff273b033c648040

  • SHA1

    f79ea3dd507c9233b18860c1f4163fbbccb1b467

  • SHA256

    30f877eb2f3950fe05f528d66f387daa917cc2d0f8fc105d6710675be45f4c2d

  • SHA512

    4003d58721e5295ce3c2f54243ed5bf5801d9141a538b9101f04fc7b07ceca7243b8411bb2d71971af9e5968ed10789d15748238fe084d82a68f0ed77b169018

  • SSDEEP

    6144:5k3hOdsylKlgryzc4bNhZF+E+W2kQCAH8SD4HW44KwACfnVIGI70:tCCD

Score
10/10
macro

Malware Config

Targets

    • Target

      30f877eb2f3950fe05f528d66f387daa917cc2d0f8fc105d6710675be45f4c2d

    • Size

      826KB

    • MD5

      a671505fb0d646f3ff273b033c648040

    • SHA1

      f79ea3dd507c9233b18860c1f4163fbbccb1b467

    • SHA256

      30f877eb2f3950fe05f528d66f387daa917cc2d0f8fc105d6710675be45f4c2d

    • SHA512

      4003d58721e5295ce3c2f54243ed5bf5801d9141a538b9101f04fc7b07ceca7243b8411bb2d71971af9e5968ed10789d15748238fe084d82a68f0ed77b169018

    • SSDEEP

      6144:5k3hOdsylKlgryzc4bNhZF+E+W2kQCAH8SD4HW44KwACfnVIGI70:tCCD

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

2
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks