44d12400be53c5a0606f05704f2571352f10435e69eaf404bffb059f7b95dda4 | Triage

Submit
Reports

Overview

overview

Static

static

8

语文.xls

windows7-x64

语文.xls

windows10-2004-x64

Sharing

General

Target

44d12400be53c5a0606f05704f2571352f10435e69eaf404bffb059f7b95dda4
Size

50KB
Sample

221126-zygfyaeb33
MD5

666d89831ed03216b190699afd9de5ae
SHA1

4949ac02208846fa9ac55b4a7303fdaca4cfd6c2
SHA256

44d12400be53c5a0606f05704f2571352f10435e69eaf404bffb059f7b95dda4
SHA512

42ead2cd568deedf10f52c2434d8fb60051d0857d92f6b0e7f21cd7a9b99aef4291b2efa63848d1fa8f6495b70299eeaf6b5231c74fdcefbb7627ef9b1d79c51
SSDEEP

1536:v/gvPgHI4mrYKG5XmvSKERfQmX7B6Jnoh:QEI1IiSFRfQm2noh

Score

10^/10

macro xlm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

语文.xls

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

语文.xls

Resource

win10v2004-20220812-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  语文.xls
- Size
  
  155KB
- MD5
  
  affab620cd4c0a0b6b68d9eb1dbddd1e
- SHA1
  
  86d4a4c9328762e7819d9d1203bafa9ceb2e7023
- SHA256
  
  18ee8040609562e0d7890555c27bbf19029a41f724209eb8f49a1c021314e91c
- SHA512
  
  5b5b4fa2eaae68ddab8db99ccfc27eddd0ca13d9a735da5421f18c0a8eb3242279b8dc3857076c0346e5f5bab37ca2492d4b6a32317377481e2504b08756e35e
- SSDEEP
  
  3072:LSVQzu271vEDW3YkWVbrzQ7IjHgkZyDWTtn6KNLk:L0vHj
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Modify Registry

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy