Overview

overview

10

Static

static

8

1088d37165...c1.xls

windows7-x64

10

1088d37165...c1.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1088d3716529f0e77a79f51a783d0bf9ea572edcd20e6dc490ceb7b3667711c1

  • Size

    129KB

  • Sample

    221125-n9vl6afd74

  • MD5

    a8e4e0fdea4236135d7b7dcb3bf784d8

  • SHA1

    d350cd64b6621eca59b6e59dfb0592704552f3c9

  • SHA256

    1088d3716529f0e77a79f51a783d0bf9ea572edcd20e6dc490ceb7b3667711c1

  • SHA512

    27deb672f34567e6421b507a592167b9a05be81fbe74e3745ffb7ed04a2f64ba1194898583d1486da0839d84cc21ac2582307751b024fdd296d796850b00394d

  • SSDEEP

    1536:zJJJBlzUy4ME44yoFFrXWVbrzQ7ITk34UrFA237KOeXcJtXw4PdosnkCe:oy6WVbrzQ7ITkzHG/MJtXwedhhe

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      1088d3716529f0e77a79f51a783d0bf9ea572edcd20e6dc490ceb7b3667711c1

    • Size

      129KB

    • MD5

      a8e4e0fdea4236135d7b7dcb3bf784d8

    • SHA1

      d350cd64b6621eca59b6e59dfb0592704552f3c9

    • SHA256

      1088d3716529f0e77a79f51a783d0bf9ea572edcd20e6dc490ceb7b3667711c1

    • SHA512

      27deb672f34567e6421b507a592167b9a05be81fbe74e3745ffb7ed04a2f64ba1194898583d1486da0839d84cc21ac2582307751b024fdd296d796850b00394d

    • SSDEEP

      1536:zJJJBlzUy4ME44yoFFrXWVbrzQ7ITk34UrFA237KOeXcJtXw4PdosnkCe:oy6WVbrzQ7ITkzHG/MJtXwedhhe

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks