Overview

overview

10

Static

static

8

a30b5d5509...a0.xls

windows7-x64

10

a30b5d5509...a0.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a30b5d550915a8aae62a985a087df140be24c665c6d8977b38ac072f8c822fa0

  • Size

    147KB

  • Sample

    221128-bmdc5sda64

  • MD5

    89931447b43c20e47cf5d5a56ce8871f

  • SHA1

    2a799346033124326fde9ec344220d48c9760165

  • SHA256

    a30b5d550915a8aae62a985a087df140be24c665c6d8977b38ac072f8c822fa0

  • SHA512

    90d6709943a73d670b7babe1b591418ab26a8add04aeef19758f0bad59e0f91ffd478456e49dbd03dfd117214a16daa8bf31214ed74229a4d20364a1028a4b8c

  • SSDEEP

    1536:OeeeqsaebRowWiL8O820MVKWVbrzQ7IzKK5kbA23FkI/cJtXwqpa87237ZIDEE:rbRfb8uoWVbrzQ7IWskZWIEJtXwLODv

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      a30b5d550915a8aae62a985a087df140be24c665c6d8977b38ac072f8c822fa0

    • Size

      147KB

    • MD5

      89931447b43c20e47cf5d5a56ce8871f

    • SHA1

      2a799346033124326fde9ec344220d48c9760165

    • SHA256

      a30b5d550915a8aae62a985a087df140be24c665c6d8977b38ac072f8c822fa0

    • SHA512

      90d6709943a73d670b7babe1b591418ab26a8add04aeef19758f0bad59e0f91ffd478456e49dbd03dfd117214a16daa8bf31214ed74229a4d20364a1028a4b8c

    • SSDEEP

      1536:OeeeqsaebRowWiL8O820MVKWVbrzQ7IzKK5kbA23FkI/cJtXwqpa87237ZIDEE:rbRfb8uoWVbrzQ7IWskZWIEJtXwLODv

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks