Overview

overview

10

Static

static

8

a92162739c...0e.xls

windows7-x64

10

a92162739c...0e.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a92162739cfb9368380273095072e2a82535dc9925d0e9290e90fd919e493f0e

  • Size

    107KB

  • Sample

    221125-n9vbdsfd73

  • MD5

    d32be134c37ff510ed305664a0f8d6aa

  • SHA1

    571b45d07715563fdb3be6a2b85b748e7b21ea5e

  • SHA256

    a92162739cfb9368380273095072e2a82535dc9925d0e9290e90fd919e493f0e

  • SHA512

    d3f5a27efc931831670ffd7646604985ed068b64c37b99ad98cf1d2d1d1bd3881f721b18cc656f8966e0f0adb8dcb6be695e222c6fefdbaa3666c93930a08771

  • SSDEEP

    1536:QlllBJTYaYgoA0+k2i9WVbrzcidU97ITkR62liz2cJtXwRoM2M/MugBc:D+/6WVbrzM97ITk9iFJtXw15kFBc

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      a92162739cfb9368380273095072e2a82535dc9925d0e9290e90fd919e493f0e

    • Size

      107KB

    • MD5

      d32be134c37ff510ed305664a0f8d6aa

    • SHA1

      571b45d07715563fdb3be6a2b85b748e7b21ea5e

    • SHA256

      a92162739cfb9368380273095072e2a82535dc9925d0e9290e90fd919e493f0e

    • SHA512

      d3f5a27efc931831670ffd7646604985ed068b64c37b99ad98cf1d2d1d1bd3881f721b18cc656f8966e0f0adb8dcb6be695e222c6fefdbaa3666c93930a08771

    • SSDEEP

      1536:QlllBJTYaYgoA0+k2i9WVbrzcidU97ITkR62liz2cJtXwRoM2M/MugBc:D+/6WVbrzM97ITk9iFJtXw15kFBc

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks