Overview

overview

10

Static

static

8

608e23230f...38.xls

windows7-x64

10

608e23230f...38.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    608e23230f8171d0ee7cfea3f34766ae219bcafdcd261240c650039fc3230038

  • Size

    99KB

  • Sample

    221125-n9v8pafd75

  • MD5

    0351fb6e1b638462fc8f42af53d9fe41

  • SHA1

    4b3b8deb885c65636855ead175234ca4f9d362fd

  • SHA256

    608e23230f8171d0ee7cfea3f34766ae219bcafdcd261240c650039fc3230038

  • SHA512

    7d52a6edea19013efba87ea2fcca2a84021b2207b2e6c8d3233f06dc4c99171712417fa44ff81344ad34f32c8506ef9c504e52efe4bf893a5bb1154271e52dfe

  • SSDEEP

    1536:PlllBJTYaYo9wXF0Fn2jcc0lbxOvTgZeb2cJtXwgMK:VKg2jcc0lbxOrRFJtXwhK

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      608e23230f8171d0ee7cfea3f34766ae219bcafdcd261240c650039fc3230038

    • Size

      99KB

    • MD5

      0351fb6e1b638462fc8f42af53d9fe41

    • SHA1

      4b3b8deb885c65636855ead175234ca4f9d362fd

    • SHA256

      608e23230f8171d0ee7cfea3f34766ae219bcafdcd261240c650039fc3230038

    • SHA512

      7d52a6edea19013efba87ea2fcca2a84021b2207b2e6c8d3233f06dc4c99171712417fa44ff81344ad34f32c8506ef9c504e52efe4bf893a5bb1154271e52dfe

    • SSDEEP

      1536:PlllBJTYaYo9wXF0Fn2jcc0lbxOvTgZeb2cJtXwgMK:VKg2jcc0lbxOrRFJtXwhK

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks