Overview

overview

8

Static

static

8

5742b2981c...52.xls

windows7-x64

1

5742b2981c...52.xls

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5742b2981c5f4f6aaca7b85d76747498b65ff13d6505b5682649fd2827334c52

  • Size

    250KB

  • Sample

    221125-nypxjahg3x

  • MD5

    b44c5f6bb87ff7fffa5aab94bfcdf716

  • SHA1

    9996e6e68bec8bc561817e7f18e1af7622531f69

  • SHA256

    5742b2981c5f4f6aaca7b85d76747498b65ff13d6505b5682649fd2827334c52

  • SHA512

    c69ccd1ed8f306bb58bbdd3ba28b458cbe48bb6e579472a2feb67817d9d9a39611b2b94468c8544eefae5bc3e3cdffde3f3258fbc16246a2f6fa65647d8e4c6f

  • SSDEEP

    1536:6MMMQ9hx8uVoE1qrTP+qOhH6ucp9lIjMJip7nFxgqo9TEnaFL9zy+mA08gwcUAgt:fEnaFLcN1BKhLUs1xHFn2GFSI

Score
8/10
macroxlm

Malware Config

Targets

    • Target

      5742b2981c5f4f6aaca7b85d76747498b65ff13d6505b5682649fd2827334c52

    • Size

      250KB

    • MD5

      b44c5f6bb87ff7fffa5aab94bfcdf716

    • SHA1

      9996e6e68bec8bc561817e7f18e1af7622531f69

    • SHA256

      5742b2981c5f4f6aaca7b85d76747498b65ff13d6505b5682649fd2827334c52

    • SHA512

      c69ccd1ed8f306bb58bbdd3ba28b458cbe48bb6e579472a2feb67817d9d9a39611b2b94468c8544eefae5bc3e3cdffde3f3258fbc16246a2f6fa65647d8e4c6f

    • SSDEEP

      1536:6MMMQ9hx8uVoE1qrTP+qOhH6ucp9lIjMJip7nFxgqo9TEnaFL9zy+mA08gwcUAgt:fEnaFLcN1BKhLUs1xHFn2GFSI

    Score
    6/10

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks