Overview

overview

10

Static

static

8

6dd3bb33c6...62.xls

windows7-x64

10

6dd3bb33c6...62.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6dd3bb33c666e7c81be63e218f26c88f77eee70a65524ff37c148c4da3573362

  • Size

    91KB

  • Sample

    221125-x5dyaahh65

  • MD5

    b058cb31647157b7580b0c437ecac2ef

  • SHA1

    a4abd2d31aadf839a19cb2ab8a79d98991bee167

  • SHA256

    6dd3bb33c666e7c81be63e218f26c88f77eee70a65524ff37c148c4da3573362

  • SHA512

    d5f017d960e71d453fe55255d72eb5d031b945e7eafabd0d6c75179059f6f7c17020fcebfca2ada982ee761b04824061526468fba37ea5361aaeb5ae41e4aaa3

  • SSDEEP

    1536:yiiiG4ebPv9WVHrzQ7ITkcKo62lGM88SdJtXw9x2dqRE:GWVHrzQ7ITkqtjIJtXw72dqRE

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      6dd3bb33c666e7c81be63e218f26c88f77eee70a65524ff37c148c4da3573362

    • Size

      91KB

    • MD5

      b058cb31647157b7580b0c437ecac2ef

    • SHA1

      a4abd2d31aadf839a19cb2ab8a79d98991bee167

    • SHA256

      6dd3bb33c666e7c81be63e218f26c88f77eee70a65524ff37c148c4da3573362

    • SHA512

      d5f017d960e71d453fe55255d72eb5d031b945e7eafabd0d6c75179059f6f7c17020fcebfca2ada982ee761b04824061526468fba37ea5361aaeb5ae41e4aaa3

    • SSDEEP

      1536:yiiiG4ebPv9WVHrzQ7ITkcKo62lGM88SdJtXw9x2dqRE:GWVHrzQ7ITkqtjIJtXw72dqRE

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks