Overview

overview

10

Static

static

8

1bd0caf3ce...79.xls

windows7-x64

10

1bd0caf3ce...79.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1bd0caf3cec1eeb412db45f0b242375118f7c3356e540334eeee89d70fc4d379

  • Size

    260KB

  • Sample

    221126-dnjyesge76

  • MD5

    38d711ad89627fd7045b1e9f90254406

  • SHA1

    cc1f3800840aa1f9498c1cefb8edf3f044cce171

  • SHA256

    1bd0caf3cec1eeb412db45f0b242375118f7c3356e540334eeee89d70fc4d379

  • SHA512

    cad23fd4390d3aa271d6c0432b765f157e93616d9423848e13bbfb4aa02add44ecf2b19e5dbda1b7199228d485da72fdf1fa49603ffa9c4f5d1671bf5c09a1e1

  • SSDEEP

    3072:l90RCuHF9XzI4QHAawFg4KQX0Gy2jcc0lbxOK103L3FoJtXw8S:H08WHzTY1EgpQX0G3L3Y

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      1bd0caf3cec1eeb412db45f0b242375118f7c3356e540334eeee89d70fc4d379

    • Size

      260KB

    • MD5

      38d711ad89627fd7045b1e9f90254406

    • SHA1

      cc1f3800840aa1f9498c1cefb8edf3f044cce171

    • SHA256

      1bd0caf3cec1eeb412db45f0b242375118f7c3356e540334eeee89d70fc4d379

    • SHA512

      cad23fd4390d3aa271d6c0432b765f157e93616d9423848e13bbfb4aa02add44ecf2b19e5dbda1b7199228d485da72fdf1fa49603ffa9c4f5d1671bf5c09a1e1

    • SSDEEP

      3072:l90RCuHF9XzI4QHAawFg4KQX0Gy2jcc0lbxOK103L3FoJtXw8S:H08WHzTY1EgpQX0G3L3Y

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks