General

  • Target

    c4b719a9c4be245f031da0e86defe002c8891828cbfe63ed15d3dc75655832b8

  • Size

    31KB

  • Sample

    221126-dn56nabh3y

  • MD5

    3af386ef8ca957ea74933493072f6dde

  • SHA1

    3b30ec032621c995da0f185abd90c201bc790513

  • SHA256

    c4b719a9c4be245f031da0e86defe002c8891828cbfe63ed15d3dc75655832b8

  • SHA512

    bcb003aa9ee22190cc647601cc66c89c26b097748128030f4c5fffa0a6d38783110926e518a9d1428b261b12ac242dab5efe42dee67e6c64960584fb6d634693

  • SSDEEP

    768:SzbPVRgFh6z8vseUfwOYugbddIdoyThutU2u:W/gFhK8seEw7h/I+yThL

Malware Config

Targets

    • Target

      5ίί.xls

    • Size

      60KB

    • MD5

      fea69535764564efcb07963a420dcb4b

    • SHA1

      eb7762cc19a586e06594aed9804c1af7106d7ecd

    • SHA256

      f3c4ff5ee8123f74d233f068a7186c8a22bcd1cdbe6475654345fc76870bd20f

    • SHA512

      8c2e8f23b17e736ef0553c2590a0954a8fdfde461be107b6d0bf4d33ed72e8c1413d2ad26db320613574142779a8f8a2be24c3231db0974291c3638fb8d3ecaf

    • SSDEEP

      1536:sIIIGxPTr6FaSkLu6pAJqNuYKl6Nc7yRzs1H75wkZUiEfClsQ6NqTBun5oAKG6EI:KKl6Nc7yRzs1H75wkZUgsQ6NqTBun5oE

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Target

      5ί̨.doc

    • Size

      122KB

    • MD5

      988d2fc7bf4e80c4b243a24e4f8ad6e6

    • SHA1

      eb8f43dd5c4ed2bafa23d7a88f1b2d361c257aa0

    • SHA256

      515f0519775ec9eadb9df4a562eeb3313b7f3a1d2dad3604b31522c83de271c1

    • SHA512

      051578e96b198b015c044e7fec4b8b98e595381ba10ca958223ea8d68215ae6a61aad6374eea07e4a2fb77d52ce76d0492f6c66ce8761dd1f4122773add5a89c

    • SSDEEP

      384:G2GoF0F51mSaCNCaCyCaCTCTCzCwCwCwCRCxCxC2CWgfhR/s7oiqzR/YlN:Gc0czGpRp8cc//fyyy99gfH/syt/Y

    Score
    4/10

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    • Hidden Files and Directories (T1158): 1

  • Defense Evasion

    • Modify Registry (T1112): 2

    • Hidden Files and Directories (T1158): 1

  • Discovery

    • Query Registry (T1012): 4

    • System Information Discovery (T1082): 4
