Overview

overview

10

Static

static

8

8c5de22c84...b6.xls

windows7-x64

10

8c5de22c84...b6.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8c5de22c8438d848a0706bc38edd88caedf26b26ea91f806081c09101429fbb6

  • Size

    313KB

  • Sample

    221126-dn7dqabh31

  • MD5

    0a0e0f28d9b338a71e4aa9db9a018302

  • SHA1

    e89c81f6ac48bd8d4a302fc870c9566d08389a8a

  • SHA256

    8c5de22c8438d848a0706bc38edd88caedf26b26ea91f806081c09101429fbb6

  • SHA512

    9468c5cc754794d677bfe109ea40d4cc6452103b8c9e20b1819a22c7b1340ba7a2aa5416ebb3bbf09f63d839c079e7116a06ce769984ad6e8f03c989761668d7

  • SSDEEP

    6144:Hng93jn6NEQFk0J9yI8AKExDeJqyFjhhPB51MJ2:HKeEKk0zy/AKY2x5H2

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      8c5de22c8438d848a0706bc38edd88caedf26b26ea91f806081c09101429fbb6

    • Size

      313KB

    • MD5

      0a0e0f28d9b338a71e4aa9db9a018302

    • SHA1

      e89c81f6ac48bd8d4a302fc870c9566d08389a8a

    • SHA256

      8c5de22c8438d848a0706bc38edd88caedf26b26ea91f806081c09101429fbb6

    • SHA512

      9468c5cc754794d677bfe109ea40d4cc6452103b8c9e20b1819a22c7b1340ba7a2aa5416ebb3bbf09f63d839c079e7116a06ce769984ad6e8f03c989761668d7

    • SSDEEP

      6144:Hng93jn6NEQFk0J9yI8AKExDeJqyFjhhPB51MJ2:HKeEKk0zy/AKY2x5H2

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks