Overview

overview

10

Static

static

8

3ac85313fd...73.doc

windows7-x64

10

3ac85313fd...73.doc

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3ac85313fd21ee48cd20576d116fb1961fd30f6aef692c50c6a041417be7da73

  • Size

    78KB

  • Sample

    221125-lgm1hagb54

  • MD5

    8d2ff5302b1a00e27fc74a4a0e7d691e

  • SHA1

    c31d9dabf66ca0bcf3d18e530bd8c659451f6867

  • SHA256

    3ac85313fd21ee48cd20576d116fb1961fd30f6aef692c50c6a041417be7da73

  • SHA512

    3021215fea7224c5fe15a7838c9353c6745bc3f0729ff8df46b77d9aa7a002214280a6056ce6bf43a0248d0bbda5a1d7a3c54e4b38ace76b52161a09ae94262f

  • SSDEEP

    1536:fvCIgb6Evkehxknn1N9AQTZZNcXlCqe8K6NV:fvCI87vhyn1NnTZZNmCqTN

Score
10/10
macro

Malware Config

Targets

    • Target

      3ac85313fd21ee48cd20576d116fb1961fd30f6aef692c50c6a041417be7da73

    • Size

      78KB

    • MD5

      8d2ff5302b1a00e27fc74a4a0e7d691e

    • SHA1

      c31d9dabf66ca0bcf3d18e530bd8c659451f6867

    • SHA256

      3ac85313fd21ee48cd20576d116fb1961fd30f6aef692c50c6a041417be7da73

    • SHA512

      3021215fea7224c5fe15a7838c9353c6745bc3f0729ff8df46b77d9aa7a002214280a6056ce6bf43a0248d0bbda5a1d7a3c54e4b38ace76b52161a09ae94262f

    • SSDEEP

      1536:fvCIgb6Evkehxknn1N9AQTZZNcXlCqe8K6NV:fvCI87vhyn1NnTZZNmCqTN

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks