d5fd9f154b78723434a34da893129c0aaae237355eacec9e53a85425d64767c5 | Triage

Submit
Reports

Overview

overview

Static

static

8

d5fd9f154b...c5.xls

windows7-x64

d5fd9f154b...c5.xls

windows10-2004-x64

Sharing

General

Target

d5fd9f154b78723434a34da893129c0aaae237355eacec9e53a85425d64767c5
Size

58KB
Sample

221129-km65wsdb29
MD5

6d2d680fa88341b1920538aa105fab88
SHA1

ea2176911810bcb47ae7df41750117246cb2ff52
SHA256

d5fd9f154b78723434a34da893129c0aaae237355eacec9e53a85425d64767c5
SHA512

a5a472eb3392aae20162aa6585437587055b61a1f8e4038140d7fa362b96f173556221ea1bf633c2d7e0d6706f4fa5ded9f82ac3401049c6ea80492858f90868
SSDEEP

768:MrrrfC+2XR2HqUMLFz0kTKiMY3og/1JFNhSenFZctwFiJtF26mDF5dIXF7rF/0qK:MrrrfC+2wp2+3IRaD7NTe

Score

10^/10

evasion macro persistence xlm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d5fd9f154b78723434a34da893129c0aaae237355eacec9e53a85425d64767c5.xls

Resource

win7-20221111-en

evasion persistence

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

d5fd9f154b78723434a34da893129c0aaae237355eacec9e53a85425d64767c5.xls

Resource

win10v2004-20220901-en

evasion persistence

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  d5fd9f154b78723434a34da893129c0aaae237355eacec9e53a85425d64767c5
- Size
  
  58KB
- MD5
  
  6d2d680fa88341b1920538aa105fab88
- SHA1
  
  ea2176911810bcb47ae7df41750117246cb2ff52
- SHA256
  
  d5fd9f154b78723434a34da893129c0aaae237355eacec9e53a85425d64767c5
- SHA512
  
  a5a472eb3392aae20162aa6585437587055b61a1f8e4038140d7fa362b96f173556221ea1bf633c2d7e0d6706f4fa5ded9f82ac3401049c6ea80492858f90868
- SSDEEP
  
  768:MrrrfC+2XR2HqUMLFz0kTKiMY3og/1JFNhSenFZctwFiJtF26mDF5dIXF7rF/0qK:MrrrfC+2wp2+3IRaD7NTe
Score

10^/10

evasion persistence
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence

© 2018-2024

Terms | Privacy