Overview

overview

10

Static

static

8

230f2440ca...31.xls

windows7-x64

10

230f2440ca...31.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    230f2440cae2e6043452633c6c24b3f2b00e5c93b001dad0bbe6e07de7970c31

  • Size

    99KB

  • Sample

    221125-qcldbsab55

  • MD5

    52338081a81611fafc39497f4dd3f98d

  • SHA1

    cfc7b06e180cb808daec1f99fa27533b4637db78

  • SHA256

    230f2440cae2e6043452633c6c24b3f2b00e5c93b001dad0bbe6e07de7970c31

  • SHA512

    5facb8c1ef8fc510c080b624106a89bd915bd04165fe37d314d4ae6afbdf2f586554876a5010ddf14ad128bb838c0e7aecb5bada33eb7a1746028381b7d7d937

  • SSDEEP

    1536:kiii00WiagiB37DyGxZWiFFkmePg0NIZ95DcBSmiWVbrzQ7Il85MsnkbA2396hYf:1NycBSvWVbrzQ7INIkZ42AJtXwJT

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      230f2440cae2e6043452633c6c24b3f2b00e5c93b001dad0bbe6e07de7970c31

    • Size

      99KB

    • MD5

      52338081a81611fafc39497f4dd3f98d

    • SHA1

      cfc7b06e180cb808daec1f99fa27533b4637db78

    • SHA256

      230f2440cae2e6043452633c6c24b3f2b00e5c93b001dad0bbe6e07de7970c31

    • SHA512

      5facb8c1ef8fc510c080b624106a89bd915bd04165fe37d314d4ae6afbdf2f586554876a5010ddf14ad128bb838c0e7aecb5bada33eb7a1746028381b7d7d937

    • SSDEEP

      1536:kiii00WiagiB37DyGxZWiFFkmePg0NIZ95DcBSmiWVbrzQ7Il85MsnkbA2396hYf:1NycBSvWVbrzQ7INIkZ42AJtXwJT

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks