Overview

overview

10

Static

static

8

c9b5d9711e...17.xls

windows7-x64

10

c9b5d9711e...17.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c9b5d9711e1325b8c0515f4e38294e555218e7bec46a3ac34d67703ee04fb217

  • Size

    105KB

  • Sample

    221125-pjbxssbc5v

  • MD5

    ad2bb5d99a87565da2a2177c1a55e927

  • SHA1

    deefe54208a26ef45b6e9a5cdb113ca7a2ec6f54

  • SHA256

    c9b5d9711e1325b8c0515f4e38294e555218e7bec46a3ac34d67703ee04fb217

  • SHA512

    c3f74fab630d69482e614408a9c57a3eed1a5fffcb7a2ef9f2f2583c564a82eb8907057b11c203c920a568104a4827c00d9d12302c3292410c7d1649255ac0ba

  • SSDEEP

    1536:lPPPP7WH8Vo6+PWVbrzIZkC7ITkR629BCOU/WwF1JaM2M/MxAG6m:xWWVbrzIZn7ITk9zDWX5kLf

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      c9b5d9711e1325b8c0515f4e38294e555218e7bec46a3ac34d67703ee04fb217

    • Size

      105KB

    • MD5

      ad2bb5d99a87565da2a2177c1a55e927

    • SHA1

      deefe54208a26ef45b6e9a5cdb113ca7a2ec6f54

    • SHA256

      c9b5d9711e1325b8c0515f4e38294e555218e7bec46a3ac34d67703ee04fb217

    • SHA512

      c3f74fab630d69482e614408a9c57a3eed1a5fffcb7a2ef9f2f2583c564a82eb8907057b11c203c920a568104a4827c00d9d12302c3292410c7d1649255ac0ba

    • SSDEEP

      1536:lPPPP7WH8Vo6+PWVbrzIZkC7ITkR629BCOU/WwF1JaM2M/MxAG6m:xWWVbrzIZn7ITk9zDWX5kLf

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks