Overview

overview

8

Static

static

8

afa0d11cdc...45.xls

windows7-x64

1

afa0d11cdc...45.xls

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    afa0d11cdcab4156fb4fb9d7550537c944fbf5f7327b16566e7024ca416bbf45

  • Size

    34KB

  • Sample

    221125-w1mtyshg4t

  • MD5

    65d65ff03e41eef8749240a7a14761d4

  • SHA1

    9bb7e922eab3bb75c7400c8451d09d1b6f4b0dea

  • SHA256

    afa0d11cdcab4156fb4fb9d7550537c944fbf5f7327b16566e7024ca416bbf45

  • SHA512

    a8727d3fa39578e84cb102efb298eee6fe38e77baa4641e5c2c3e6a9d1ced288f91f8cd0da1feca4903bd8024cb868c9f0b06e725727a96754ee8ac539da290c

  • SSDEEP

    768:Huuuu40a5AjsdlMsbLcA/fuM0Fij2eR2OLYB68hlBVtZ3ZU+JcM15C:Huuuu40a5AjsdlMsbLcA/fuM0Fij2eYO

Score
8/10
macroxlm

Malware Config

Targets

    • Target

      afa0d11cdcab4156fb4fb9d7550537c944fbf5f7327b16566e7024ca416bbf45

    • Size

      34KB

    • MD5

      65d65ff03e41eef8749240a7a14761d4

    • SHA1

      9bb7e922eab3bb75c7400c8451d09d1b6f4b0dea

    • SHA256

      afa0d11cdcab4156fb4fb9d7550537c944fbf5f7327b16566e7024ca416bbf45

    • SHA512

      a8727d3fa39578e84cb102efb298eee6fe38e77baa4641e5c2c3e6a9d1ced288f91f8cd0da1feca4903bd8024cb868c9f0b06e725727a96754ee8ac539da290c

    • SSDEEP

      768:Huuuu40a5AjsdlMsbLcA/fuM0Fij2eR2OLYB68hlBVtZ3ZU+JcM15C:Huuuu40a5AjsdlMsbLcA/fuM0Fij2eYO

    Score
    6/10

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks