Overview

overview

10

Static

static

8

3507038907...6c.xls

windows7-x64

10

3507038907...6c.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3507038907afc5fb9c2c8b0c98c1c85933b75501b7a8753f35ed87b4913e096c

  • Size

    99KB

  • Sample

    221127-dfd27seb62

  • MD5

    7bbb5e14dcc30c24b6543312386ad173

  • SHA1

    9c5ebdedcd276885244f9616fb68cbb063681760

  • SHA256

    3507038907afc5fb9c2c8b0c98c1c85933b75501b7a8753f35ed87b4913e096c

  • SHA512

    dcb52692c0d9e4bc278262e82fbfddcb3ea97ef9821b23a197c616fe2ea96d69805bacb2c889dae1dae93c57e344beea7685034639c6112e576178ba0f8c17b8

  • SSDEEP

    1536:IpppFawT3BhWVbrzhcCo7ITkR62lScfrbmWt2XKsbM2M/MJMuN:9mWVbrzhQ7ITk9Rj6af5kuG

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      3507038907afc5fb9c2c8b0c98c1c85933b75501b7a8753f35ed87b4913e096c

    • Size

      99KB

    • MD5

      7bbb5e14dcc30c24b6543312386ad173

    • SHA1

      9c5ebdedcd276885244f9616fb68cbb063681760

    • SHA256

      3507038907afc5fb9c2c8b0c98c1c85933b75501b7a8753f35ed87b4913e096c

    • SHA512

      dcb52692c0d9e4bc278262e82fbfddcb3ea97ef9821b23a197c616fe2ea96d69805bacb2c889dae1dae93c57e344beea7685034639c6112e576178ba0f8c17b8

    • SSDEEP

      1536:IpppFawT3BhWVbrzhcCo7ITkR62lScfrbmWt2XKsbM2M/MJMuN:9mWVbrzhQ7ITk9Rj6af5kuG

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks