Overview

overview

10

Static

static

8

08ac06ecec...6c.xls

windows7-x64

10

08ac06ecec...6c.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    08ac06ececfb7b3546ae9ba77ac046d86b192486fb2c482ecc34ab5ff4c4d36c

  • Size

    120KB

  • Sample

    221125-nyv4jshg4x

  • MD5

    0d64cad7bc096cd84ba3a20d7493bf06

  • SHA1

    33a20591020904eeb5f31eaf1e5b9be2736f6e4c

  • SHA256

    08ac06ececfb7b3546ae9ba77ac046d86b192486fb2c482ecc34ab5ff4c4d36c

  • SHA512

    8caf01a0b63944474fa758abccc2f52f48cb71d3cf141a8e65a4f36e1785ac89abf2378488374a6bd43c4237c2ea1e639567aae7ae28ada168b5048aba88efbe

  • SSDEEP

    1536:YJJJJlhIzUL5uaiaL8KiIqfgAJLD6d/GY3EnvFBlmb2uRxIldNxOMw2jcc0lbxOk:iUnA622jcc0lbxOr7jhJtXwrJ

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      08ac06ececfb7b3546ae9ba77ac046d86b192486fb2c482ecc34ab5ff4c4d36c

    • Size

      120KB

    • MD5

      0d64cad7bc096cd84ba3a20d7493bf06

    • SHA1

      33a20591020904eeb5f31eaf1e5b9be2736f6e4c

    • SHA256

      08ac06ececfb7b3546ae9ba77ac046d86b192486fb2c482ecc34ab5ff4c4d36c

    • SHA512

      8caf01a0b63944474fa758abccc2f52f48cb71d3cf141a8e65a4f36e1785ac89abf2378488374a6bd43c4237c2ea1e639567aae7ae28ada168b5048aba88efbe

    • SSDEEP

      1536:YJJJJlhIzUL5uaiaL8KiIqfgAJLD6d/GY3EnvFBlmb2uRxIldNxOMw2jcc0lbxOk:iUnA622jcc0lbxOr7jhJtXwrJ

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks