Overview

overview

10

Static

static

8

b507f59711...ac.xls

windows7-x64

10

b507f59711...ac.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b507f597117a4acd8ce703f3540738da8c0765ecbfaf2d77c01e0aca6f4700ac

  • Size

    94KB

  • Sample

    221129-r2egracc5w

  • MD5

    039ee77ecaf5281cfbf755de8b984f5d

  • SHA1

    d688728a7e25d04d47e19516f76dbd292b9b3c86

  • SHA256

    b507f597117a4acd8ce703f3540738da8c0765ecbfaf2d77c01e0aca6f4700ac

  • SHA512

    9973a203eddb1c754d543fb50265c5b9b6539d34be1f5d29791d04ee2797f44b9fc59b54d1e1459013b9b9e4773faebfa84f672359331114a3118b5036fce6f3

  • SSDEEP

    1536:5W2eadfHfWVKXDL4zQ7ITkR62l5IhY7nJdJoOd7cJyXwR+M2M/MRqkY:XWVZzQ7ITk9Q2AJyXwz5kJY

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      b507f597117a4acd8ce703f3540738da8c0765ecbfaf2d77c01e0aca6f4700ac

    • Size

      94KB

    • MD5

      039ee77ecaf5281cfbf755de8b984f5d

    • SHA1

      d688728a7e25d04d47e19516f76dbd292b9b3c86

    • SHA256

      b507f597117a4acd8ce703f3540738da8c0765ecbfaf2d77c01e0aca6f4700ac

    • SHA512

      9973a203eddb1c754d543fb50265c5b9b6539d34be1f5d29791d04ee2797f44b9fc59b54d1e1459013b9b9e4773faebfa84f672359331114a3118b5036fce6f3

    • SSDEEP

      1536:5W2eadfHfWVKXDL4zQ7ITkR62l5IhY7nJdJoOd7cJyXwR+M2M/MRqkY:XWVZzQ7ITk9Q2AJyXwz5kJY

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks