Overview

overview

10

Static

static

8

c02eda7846...5c.xls

windows7-x64

10

c02eda7846...5c.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c02eda78460100261b7d48f70e6adb12db6a305a93bac68e8835807b6963cb5c

  • Size

    88KB

  • Sample

    221129-s38yesfc91

  • MD5

    d07c24eef846bafc9b144cbc78689702

  • SHA1

    50211fc1b0ddf50328bfeb3cbf3db9fe2138fdf6

  • SHA256

    c02eda78460100261b7d48f70e6adb12db6a305a93bac68e8835807b6963cb5c

  • SHA512

    f88bca908a1ad62a7aaf279f85c05ccbd2c201af442c04bdf4948efff45dca7360a76c8a0bdfcd43ba4f02ecc91eba2122dd1c142eddda9904767b0e4d3a194a

  • SSDEEP

    1536:dMYmVWJj2jcc0lbxOvTgZi4cY7nJdFoOGIWWtqXK6Qb:sS2jcc0lbxOr2pQafb

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      c02eda78460100261b7d48f70e6adb12db6a305a93bac68e8835807b6963cb5c

    • Size

      88KB

    • MD5

      d07c24eef846bafc9b144cbc78689702

    • SHA1

      50211fc1b0ddf50328bfeb3cbf3db9fe2138fdf6

    • SHA256

      c02eda78460100261b7d48f70e6adb12db6a305a93bac68e8835807b6963cb5c

    • SHA512

      f88bca908a1ad62a7aaf279f85c05ccbd2c201af442c04bdf4948efff45dca7360a76c8a0bdfcd43ba4f02ecc91eba2122dd1c142eddda9904767b0e4d3a194a

    • SSDEEP

      1536:dMYmVWJj2jcc0lbxOvTgZi4cY7nJdFoOGIWWtqXK6Qb:sS2jcc0lbxOr2pQafb

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks