Overview

overview

10

Static

static

8

446eaec7da...6e.xls

windows7-x64

10

446eaec7da...6e.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    446eaec7da3287997f51aebe25cfab14114b179b1ec2b21d9a1f65040629f86e

  • Size

    93KB

  • Sample

    221129-s4bpbafd2x

  • MD5

    9444b1112cc6395a7783e73dcd1ccf77

  • SHA1

    bea4e279f9226d31a6f8befd330fd4ee78eb0968

  • SHA256

    446eaec7da3287997f51aebe25cfab14114b179b1ec2b21d9a1f65040629f86e

  • SHA512

    3a2d7fda586e608399ca6d1d7cb1c3733b7fdc4e84688c16537b97e39a53a9c25e24648ee8b3df54be2e2e8e886be59ae90e0c36da4664fa7b21649518f81066

  • SSDEEP

    1536:WlJJJUediaLJ67grADfMLH21RZ95P717WVbrzQ7PKOtgZoTkR62luIhY7nJdJoOR:Z/BWVbrzQ7HyyTk9V2AJaXw25kAVh

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      446eaec7da3287997f51aebe25cfab14114b179b1ec2b21d9a1f65040629f86e

    • Size

      93KB

    • MD5

      9444b1112cc6395a7783e73dcd1ccf77

    • SHA1

      bea4e279f9226d31a6f8befd330fd4ee78eb0968

    • SHA256

      446eaec7da3287997f51aebe25cfab14114b179b1ec2b21d9a1f65040629f86e

    • SHA512

      3a2d7fda586e608399ca6d1d7cb1c3733b7fdc4e84688c16537b97e39a53a9c25e24648ee8b3df54be2e2e8e886be59ae90e0c36da4664fa7b21649518f81066

    • SSDEEP

      1536:WlJJJUediaLJ67grADfMLH21RZ95P717WVbrzQ7PKOtgZoTkR62luIhY7nJdJoOR:Z/BWVbrzQ7HyyTk9V2AJaXw25kAVh

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks