Overview

overview

8

Static

static

8

25f38e495c...3a.xls

windows7-x64

1

25f38e495c...3a.xls

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    25f38e495c62f03e99448b42c223b6cb30052cdbd9aa12ad730345a93fa1bc3a

  • Size

    32KB

  • Sample

    221125-w1tbqshg51

  • MD5

    bf06f4164814d518322dc153df11a8b9

  • SHA1

    e545c6b9267df6c8b95bf1d762bbbad7575b5935

  • SHA256

    25f38e495c62f03e99448b42c223b6cb30052cdbd9aa12ad730345a93fa1bc3a

  • SHA512

    5a6f67ac81b9816400fd7996b89af8e37fca15d94161cbb812b7505d9912fa54a3a551eb4508e02f10098a9b809faf08094604444bf1a22e4d870599b6ca9cb5

  • SSDEEP

    768:pzQzc0GLbtV8cLbsQvPe8k1Szm+R2S3cyzghlBAUrR9jzt6C7+4Z:pzQzc0GLbtV8cLbsQvPe8k1SzmGcyzgF

Score
8/10
macroxlm

Malware Config

Targets

    • Target

      25f38e495c62f03e99448b42c223b6cb30052cdbd9aa12ad730345a93fa1bc3a

    • Size

      32KB

    • MD5

      bf06f4164814d518322dc153df11a8b9

    • SHA1

      e545c6b9267df6c8b95bf1d762bbbad7575b5935

    • SHA256

      25f38e495c62f03e99448b42c223b6cb30052cdbd9aa12ad730345a93fa1bc3a

    • SHA512

      5a6f67ac81b9816400fd7996b89af8e37fca15d94161cbb812b7505d9912fa54a3a551eb4508e02f10098a9b809faf08094604444bf1a22e4d870599b6ca9cb5

    • SSDEEP

      768:pzQzc0GLbtV8cLbsQvPe8k1Szm+R2S3cyzghlBAUrR9jzt6C7+4Z:pzQzc0GLbtV8cLbsQvPe8k1SzmGcyzgF

    Score
    6/10

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks