a197aee55a6479d77469e03bfda0f9ea88292dd0dd09d5b9759123c97e9bc7eb | Triage

Submit
Reports

Overview

overview

Static

static

8

a197aee55a...eb.xls

windows7-x64

1

a197aee55a...eb.xls

windows10-2004-x64

Sharing

General

Target

a197aee55a6479d77469e03bfda0f9ea88292dd0dd09d5b9759123c97e9bc7eb
Size

254KB
Sample

221125-nypa1ahg3w
MD5

726ff3ba6373c51a564b567f141c9257
SHA1

08f20c709bb273fe1896879cb1143064361ae898
SHA256

a197aee55a6479d77469e03bfda0f9ea88292dd0dd09d5b9759123c97e9bc7eb
SHA512

6ddb6b19c4a50a7319dfd2f5a2b6370b6bc8f456c10b876e5b777e876721703fbae4054b72556e225f0f1a32f6f7318846ad99cb2337e554054433c24922dafe
SSDEEP

1536:yllluoSYYFPsExMHzyu/vm4DvPlwUcB21lDwSmtYUrhs6Rjfk9zy+mA08gwcUAgY:1RjfkcV1BKJLgs1xHFn2GFNQX

Score

10^/10

macro xlm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a197aee55a6479d77469e03bfda0f9ea88292dd0dd09d5b9759123c97e9bc7eb.xls

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

a197aee55a6479d77469e03bfda0f9ea88292dd0dd09d5b9759123c97e9bc7eb.xls

Resource

win10v2004-20220812-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  a197aee55a6479d77469e03bfda0f9ea88292dd0dd09d5b9759123c97e9bc7eb
- Size
  
  254KB
- MD5
  
  726ff3ba6373c51a564b567f141c9257
- SHA1
  
  08f20c709bb273fe1896879cb1143064361ae898
- SHA256
  
  a197aee55a6479d77469e03bfda0f9ea88292dd0dd09d5b9759123c97e9bc7eb
- SHA512
  
  6ddb6b19c4a50a7319dfd2f5a2b6370b6bc8f456c10b876e5b777e876721703fbae4054b72556e225f0f1a32f6f7318846ad99cb2337e554054433c24922dafe
- SSDEEP
  
  1536:yllluoSYYFPsExMHzyu/vm4DvPlwUcB21lDwSmtYUrhs6Rjfk9zy+mA08gwcUAgY:1RjfkcV1BKJLgs1xHFn2GFNQX
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Process spawned suspicious child process
  This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy