Overview

overview

10

Static

static

8

418cbd9946...41.xls

windows7-x64

10

418cbd9946...41.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    418cbd99460c6c24ddd1aa7072e2a2a1d3c4a5546aa75d0e11b034015488b041

  • Size

    102KB

  • Sample

    221125-x5ke3ahh84

  • MD5

    2269705b0b0087eeeaa0e898ca3d6a58

  • SHA1

    e78bab8a55d6e9859455572f55061729f25ff9f1

  • SHA256

    418cbd99460c6c24ddd1aa7072e2a2a1d3c4a5546aa75d0e11b034015488b041

  • SHA512

    9ebd0a1820f06d5bccd3088a451c42f30d0edf17246ff3c7deb8d42c047e972d528310a8755fb965546700995f40754ef82c034f9d23370722250de0a35354ac

  • SSDEEP

    1536:LQQQca5QyDHBWVbrzlp7ITkR62lGM88wcJtXwRlM2M/M/EbdF:+WVbrz/7ITk9tjDJtXw45kYdF

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      418cbd99460c6c24ddd1aa7072e2a2a1d3c4a5546aa75d0e11b034015488b041

    • Size

      102KB

    • MD5

      2269705b0b0087eeeaa0e898ca3d6a58

    • SHA1

      e78bab8a55d6e9859455572f55061729f25ff9f1

    • SHA256

      418cbd99460c6c24ddd1aa7072e2a2a1d3c4a5546aa75d0e11b034015488b041

    • SHA512

      9ebd0a1820f06d5bccd3088a451c42f30d0edf17246ff3c7deb8d42c047e972d528310a8755fb965546700995f40754ef82c034f9d23370722250de0a35354ac

    • SSDEEP

      1536:LQQQca5QyDHBWVbrzlp7ITkR62lGM88wcJtXwRlM2M/M/EbdF:+WVbrz/7ITk9tjDJtXw45kYdF

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks