Overview

overview

10

Static

static

8

839ea835bb...01.xls

windows7-x64

10

839ea835bb...01.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    839ea835bb76f39f715466a4202ca744296cefea697f759bf1fc187474ac5901

  • Size

    91KB

  • Sample

    221125-x5evkshh67

  • MD5

    7ddca9abc349d44f1c7b1c15936cef81

  • SHA1

    fcae9e73cb428d380f19d61d72503d2809d707c2

  • SHA256

    839ea835bb76f39f715466a4202ca744296cefea697f759bf1fc187474ac5901

  • SHA512

    c95df966bf69a20a0500e79ad05f2dc238befa0fb85cb1a0a3fe3ff6d511eddb7a06a8fe80de92167998a10e7c529809fa361151b31306eea636cecf7d614011

  • SSDEEP

    1536:1888wOJytNnoWVbr3Q7ITkMXr62lGM88S4JtXwnjdd:JoWVbr3Q7ITk8tjNJtXwjdd

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      839ea835bb76f39f715466a4202ca744296cefea697f759bf1fc187474ac5901

    • Size

      91KB

    • MD5

      7ddca9abc349d44f1c7b1c15936cef81

    • SHA1

      fcae9e73cb428d380f19d61d72503d2809d707c2

    • SHA256

      839ea835bb76f39f715466a4202ca744296cefea697f759bf1fc187474ac5901

    • SHA512

      c95df966bf69a20a0500e79ad05f2dc238befa0fb85cb1a0a3fe3ff6d511eddb7a06a8fe80de92167998a10e7c529809fa361151b31306eea636cecf7d614011

    • SSDEEP

      1536:1888wOJytNnoWVbr3Q7ITkMXr62lGM88S4JtXwnjdd:JoWVbr3Q7ITk8tjNJtXwjdd

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks