Overview

overview

10

Static

static

8

451d07e3da...6e.xls

windows7-x64

10

451d07e3da...6e.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    451d07e3da8910319f8b621fe073649595005c5fc9f0bb1b81ec986766297e6e

  • Size

    99KB

  • Sample

    221125-n9s4bsae71

  • MD5

    b1b0179f88ee95552eff13d53cde4a81

  • SHA1

    451721d6df5ac70762de3fc7f2bf78373949edb5

  • SHA256

    451d07e3da8910319f8b621fe073649595005c5fc9f0bb1b81ec986766297e6e

  • SHA512

    666f076f8b88e98a0c5d20b201569fd4e9a12f055f1ed55a5c29b08c108e2112743f74b602ab79c4feb63c476c9f1946ecb9944d50ca31c4fad0e151c8a0e856

  • SSDEEP

    3072:d+l6Nc7yRzs1H75wkZUgsQ6NqTBun5oA2jcc0lbxOKK/vX1qiTb:Ul6Nc7yRzs1H75wkZUgsQ6NqTBun5obL

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      451d07e3da8910319f8b621fe073649595005c5fc9f0bb1b81ec986766297e6e

    • Size

      99KB

    • MD5

      b1b0179f88ee95552eff13d53cde4a81

    • SHA1

      451721d6df5ac70762de3fc7f2bf78373949edb5

    • SHA256

      451d07e3da8910319f8b621fe073649595005c5fc9f0bb1b81ec986766297e6e

    • SHA512

      666f076f8b88e98a0c5d20b201569fd4e9a12f055f1ed55a5c29b08c108e2112743f74b602ab79c4feb63c476c9f1946ecb9944d50ca31c4fad0e151c8a0e856

    • SSDEEP

      3072:d+l6Nc7yRzs1H75wkZUgsQ6NqTBun5oA2jcc0lbxOKK/vX1qiTb:Ul6Nc7yRzs1H75wkZUgsQ6NqTBun5obL

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks