Overview

overview

10

Static

static

8

8282977b24...5f.xls

windows7-x64

10

8282977b24...5f.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8282977b24c505fb08ebdb60b2a86396f387d52a7379a1d52dffb44d5d9ec55f

  • Size

    128KB

  • Sample

    221125-x5q8lsch9w

  • MD5

    ed472165e3c1592055df3aafd8b0c1e0

  • SHA1

    4fd9cf8cf8d6c8abf54bc7b5094a6e8fe52cd79d

  • SHA256

    8282977b24c505fb08ebdb60b2a86396f387d52a7379a1d52dffb44d5d9ec55f

  • SHA512

    adc464dac8530419b7b20a1615b13b3d073f509ee2b1e4af497ac42d16c971a85c165459586a2659a584a00448769656aa81c62364481c06e1c6f366e4ac3de1

  • SSDEEP

    1536:Mjjjjn1/foa2WVbrzQ7ITPI4PR62bzM88e80UX4JHD6kCtzSAYWQx803053RX:rWVbrzQ7ITAw9Ujn0UX4ZdCcj80EJ

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      8282977b24c505fb08ebdb60b2a86396f387d52a7379a1d52dffb44d5d9ec55f

    • Size

      128KB

    • MD5

      ed472165e3c1592055df3aafd8b0c1e0

    • SHA1

      4fd9cf8cf8d6c8abf54bc7b5094a6e8fe52cd79d

    • SHA256

      8282977b24c505fb08ebdb60b2a86396f387d52a7379a1d52dffb44d5d9ec55f

    • SHA512

      adc464dac8530419b7b20a1615b13b3d073f509ee2b1e4af497ac42d16c971a85c165459586a2659a584a00448769656aa81c62364481c06e1c6f366e4ac3de1

    • SSDEEP

      1536:Mjjjjn1/foa2WVbrzQ7ITPI4PR62bzM88e80UX4JHD6kCtzSAYWQx803053RX:rWVbrzQ7ITAw9Ujn0UX4ZdCcj80EJ

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks