Overview

overview

10

Static

static

8

8dfa647de5...61.xls

windows7-x64

10

8dfa647de5...61.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8dfa647de53abf0c86610de100e449795580871c555345ad9fefdf778e3a2f61

  • Size

    98KB

  • Sample

    221127-n1zjraaa8s

  • MD5

    ff93a696a28ed0935f01957e1964ebaf

  • SHA1

    0bb2ee6846654f2fdb20e5585de60894981e7be8

  • SHA256

    8dfa647de53abf0c86610de100e449795580871c555345ad9fefdf778e3a2f61

  • SHA512

    375a41c68702c07e16b8b55edfbb0ab522986cc8e274a34593d72ba88966eeef352472bc78c464fa397a3beaaccae51940bbfb1e2e28ed3ddf80e800a3e414a1

  • SSDEEP

    1536:3cccQT9cu1xnWVbrzQ7voTkiD2lG2UrJtXwRfmSM2M/ME8oB/ynq:XLWVbrzQ7gTkDTIJtXwcl5k+/yq

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      8dfa647de53abf0c86610de100e449795580871c555345ad9fefdf778e3a2f61

    • Size

      98KB

    • MD5

      ff93a696a28ed0935f01957e1964ebaf

    • SHA1

      0bb2ee6846654f2fdb20e5585de60894981e7be8

    • SHA256

      8dfa647de53abf0c86610de100e449795580871c555345ad9fefdf778e3a2f61

    • SHA512

      375a41c68702c07e16b8b55edfbb0ab522986cc8e274a34593d72ba88966eeef352472bc78c464fa397a3beaaccae51940bbfb1e2e28ed3ddf80e800a3e414a1

    • SSDEEP

      1536:3cccQT9cu1xnWVbrzQ7voTkiD2lG2UrJtXwRfmSM2M/ME8oB/ynq:XLWVbrzQ7gTkDTIJtXwcl5k+/yq

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks