Overview

overview

10

Static

static

8

3078402bc8...24.xls

windows7-x64

10

3078402bc8...24.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3078402bc8b551ac18d79f6f7fddcdbdb468f286e46a9818f307c0f2f50d5924

  • Size

    102KB

  • Sample

    221127-dfj88ahf2z

  • MD5

    1457447d8e07abe91dd79ed918a9a92b

  • SHA1

    449f01b3923e61aa85ba9fce5de1dd47473e349d

  • SHA256

    3078402bc8b551ac18d79f6f7fddcdbdb468f286e46a9818f307c0f2f50d5924

  • SHA512

    122437893e87074cd8f72b9809bfca65893cf04fdd1206825b4c99598fb2651bfe533eb7fb86661ce20a66bb6adaf86f8caff13410ef286f2cbf347c1be0a654

  • SSDEEP

    1536:otPReSc0uIV197laaUm2jcc0lbxOvTgZr5cY7nJdFoOGIWWt2XKv4N:CESc0uIV1Blac2jcc0lbxOrQpEaAN

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      3078402bc8b551ac18d79f6f7fddcdbdb468f286e46a9818f307c0f2f50d5924

    • Size

      102KB

    • MD5

      1457447d8e07abe91dd79ed918a9a92b

    • SHA1

      449f01b3923e61aa85ba9fce5de1dd47473e349d

    • SHA256

      3078402bc8b551ac18d79f6f7fddcdbdb468f286e46a9818f307c0f2f50d5924

    • SHA512

      122437893e87074cd8f72b9809bfca65893cf04fdd1206825b4c99598fb2651bfe533eb7fb86661ce20a66bb6adaf86f8caff13410ef286f2cbf347c1be0a654

    • SSDEEP

      1536:otPReSc0uIV197laaUm2jcc0lbxOvTgZr5cY7nJdFoOGIWWt2XKv4N:CESc0uIV1Blac2jcc0lbxOrQpEaAN

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks