Overview

overview

10

Static

static

8

b808daf0c1...65.xls

windows7-x64

10

b808daf0c1...65.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b808daf0c156bc4e8c0031156d9c4aa223ee03b275ff3bf640d7f7e8bddcf665

  • Size

    87KB

  • Sample

    221125-x4dk5acg8y

  • MD5

    dbb489872d9750ab7369412cfdc47006

  • SHA1

    bb949eba226a3ad414c424b35936487e741a2e70

  • SHA256

    b808daf0c156bc4e8c0031156d9c4aa223ee03b275ff3bf640d7f7e8bddcf665

  • SHA512

    a124d544ed7bd71fc1f5474a25264bdbfaf21d4c5f1c676417bb24443616134814790c51e0faf195d3fdf2a68f38e073cad9b064040efa8f205c3a7823da9566

  • SSDEEP

    1536:LOOOzLf/JWOWS7RWVbrzQ7IT9vQx23S2XOX1kWPKN1:EWVbrzQ7ITR3F+X1kiu1

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      b808daf0c156bc4e8c0031156d9c4aa223ee03b275ff3bf640d7f7e8bddcf665

    • Size

      87KB

    • MD5

      dbb489872d9750ab7369412cfdc47006

    • SHA1

      bb949eba226a3ad414c424b35936487e741a2e70

    • SHA256

      b808daf0c156bc4e8c0031156d9c4aa223ee03b275ff3bf640d7f7e8bddcf665

    • SHA512

      a124d544ed7bd71fc1f5474a25264bdbfaf21d4c5f1c676417bb24443616134814790c51e0faf195d3fdf2a68f38e073cad9b064040efa8f205c3a7823da9566

    • SSDEEP

      1536:LOOOzLf/JWOWS7RWVbrzQ7IT9vQx23S2XOX1kWPKN1:EWVbrzQ7ITR3F+X1kiu1

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks