Overview

overview

8

Static

static

8

b2fe104668...1f.xls

windows7-x64

1

b2fe104668...1f.xls

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b2fe1046682524eceb6eab4f99dcdd652d6777300eb3d2c161fc082df3c52d1f

  • Size

    47KB

  • Sample

    221127-n3939sac4s

  • MD5

    af897e492a6d2b636dd51217efc3464e

  • SHA1

    cbe495b937bfaaba9b11f57ec9112b18c04a6b2d

  • SHA256

    b2fe1046682524eceb6eab4f99dcdd652d6777300eb3d2c161fc082df3c52d1f

  • SHA512

    24ae65719eca653db8bd3bfccddae1f0b51f74fb362f89cde1fb096a72fc1f6118a14fed887602240258d8b11eee6b208c9783ed607c3e8e3edbc2c8aab0ea05

  • SSDEEP

    384:6+LbiwXmQ9MTjCpDa4sy6LCfFwlbciAfQMaViUItq7iiWfIA/XC:6+Lbix7/Cla4gLCfWxci5MhUItdrBXC

Score
8/10
macromacro_on_action

Malware Config

Targets

    • Target

      b2fe1046682524eceb6eab4f99dcdd652d6777300eb3d2c161fc082df3c52d1f

    • Size

      47KB

    • MD5

      af897e492a6d2b636dd51217efc3464e

    • SHA1

      cbe495b937bfaaba9b11f57ec9112b18c04a6b2d

    • SHA256

      b2fe1046682524eceb6eab4f99dcdd652d6777300eb3d2c161fc082df3c52d1f

    • SHA512

      24ae65719eca653db8bd3bfccddae1f0b51f74fb362f89cde1fb096a72fc1f6118a14fed887602240258d8b11eee6b208c9783ed607c3e8e3edbc2c8aab0ea05

    • SSDEEP

      384:6+LbiwXmQ9MTjCpDa4sy6LCfFwlbciAfQMaViUItq7iiWfIA/XC:6+Lbix7/Cla4gLCfWxci5MhUItdrBXC

    Score
    6/10

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks