Overview

overview

10

Static

static

8

45dc901319...71.xls

windows7-x64

10

45dc901319...71.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    45dc9013197a06c850ec744b62752731f43e8be34a0333e47206a77482046571

  • Size

    137KB

  • Sample

    221126-dn7z9agf29

  • MD5

    3ad1cb077fb9f185f4c3fab46866959a

  • SHA1

    80f2befef95a4dc0adfccecb5d954b6b9d6d5424

  • SHA256

    45dc9013197a06c850ec744b62752731f43e8be34a0333e47206a77482046571

  • SHA512

    33b16b0b640a86f614e7c2ab85202f227be0ee4b1ac8e644f7d230caf14bea1a570e261f1a1dbd724cf0a5318f5c8368a6f47f3d4df214ea8c8bf34183f071b7

  • SSDEEP

    3072:IwZGG/qpcYkylWVbrzQ7ITkGt6yDWBQn6KNL7:cWYytb

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      45dc9013197a06c850ec744b62752731f43e8be34a0333e47206a77482046571

    • Size

      137KB

    • MD5

      3ad1cb077fb9f185f4c3fab46866959a

    • SHA1

      80f2befef95a4dc0adfccecb5d954b6b9d6d5424

    • SHA256

      45dc9013197a06c850ec744b62752731f43e8be34a0333e47206a77482046571

    • SHA512

      33b16b0b640a86f614e7c2ab85202f227be0ee4b1ac8e644f7d230caf14bea1a570e261f1a1dbd724cf0a5318f5c8368a6f47f3d4df214ea8c8bf34183f071b7

    • SSDEEP

      3072:IwZGG/qpcYkylWVbrzQ7ITkGt6yDWBQn6KNL7:cWYytb

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks