Overview

overview

10

Static

static

8

91d0e2db51...bf.xls

windows7-x64

10

91d0e2db51...bf.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    91d0e2db5186b1bbb572b959915706234f25e01ab065c97a23986341cb4d77bf

  • Size

    131KB

  • Sample

    221126-dn6r7agf27

  • MD5

    578ec83f00482a0eb6ef9ac7d335824a

  • SHA1

    832f7ac4715fc88e203f2ef42d2e5511e2bf7bec

  • SHA256

    91d0e2db5186b1bbb572b959915706234f25e01ab065c97a23986341cb4d77bf

  • SHA512

    680480e8ae798fdf2bbc3a45a4bc30b858416d6440f01558ef7a261fe5ce073b0066d7f314e3d487a537cb61829f01965f7f95352d5e6af68f4f1e1548f51baf

  • SSDEEP

    1536:wnnnjYiabhn9nhnrngvna3APUi5g0Ka0pNMWVbrzQSstITkbA23CozWWt2XKyISs:X30UX0Ka0pNMWVbrzQSstITkZ7yaPZ

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      91d0e2db5186b1bbb572b959915706234f25e01ab065c97a23986341cb4d77bf

    • Size

      131KB

    • MD5

      578ec83f00482a0eb6ef9ac7d335824a

    • SHA1

      832f7ac4715fc88e203f2ef42d2e5511e2bf7bec

    • SHA256

      91d0e2db5186b1bbb572b959915706234f25e01ab065c97a23986341cb4d77bf

    • SHA512

      680480e8ae798fdf2bbc3a45a4bc30b858416d6440f01558ef7a261fe5ce073b0066d7f314e3d487a537cb61829f01965f7f95352d5e6af68f4f1e1548f51baf

    • SSDEEP

      1536:wnnnjYiabhn9nhnrngvna3APUi5g0Ka0pNMWVbrzQSstITkbA23CozWWt2XKyISs:X30UX0Ka0pNMWVbrzQSstITkZ7yaPZ

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks