Overview

overview

10

Static

static

8

2d03fbee7a...b.docm

windows7-x64

10

2d03fbee7a...b.docm

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2d03fbee7a64e658eaf6992c9f3e80e2a077f3436c7a0f4e0b7894624128f04b

  • Size

    18KB

  • Sample

    221125-klsk4shf7s

  • MD5

    1dbe2f9663508cd57f640ec7a5a9222c

  • SHA1

    944f1567c3da81dfa5d4c9877822bdaf4abf6502

  • SHA256

    2d03fbee7a64e658eaf6992c9f3e80e2a077f3436c7a0f4e0b7894624128f04b

  • SHA512

    2f631e5563effb09c392b3d5c849a2284bd9636652b5ae58f18070c1127625908a7b9e274acab5f40c8af225cc651a3d00d31f4bf1e27a54988cf4be49839abe

  • SSDEEP

    384:/iCkt4B7wl/aa3QNxt/ZtNNEGa6js2ZzogQuM8u:/tm4Vi/aBxllNrtAOUoM5

Score
10/10
macro

Malware Config

Targets

    • Target

      2d03fbee7a64e658eaf6992c9f3e80e2a077f3436c7a0f4e0b7894624128f04b

    • Size

      18KB

    • MD5

      1dbe2f9663508cd57f640ec7a5a9222c

    • SHA1

      944f1567c3da81dfa5d4c9877822bdaf4abf6502

    • SHA256

      2d03fbee7a64e658eaf6992c9f3e80e2a077f3436c7a0f4e0b7894624128f04b

    • SHA512

      2f631e5563effb09c392b3d5c849a2284bd9636652b5ae58f18070c1127625908a7b9e274acab5f40c8af225cc651a3d00d31f4bf1e27a54988cf4be49839abe

    • SSDEEP

      384:/iCkt4B7wl/aa3QNxt/ZtNNEGa6js2ZzogQuM8u:/tm4Vi/aBxllNrtAOUoM5

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

2
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks