Overview

overview

10

Static

static

8

7e0265e4b6...b9.xls

windows7-x64

10

7e0265e4b6...b9.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7e0265e4b600a77260004f128212078062168e647a108527c0212b63c649a7b9

  • Size

    93KB

  • Sample

    221129-s4dtnsce93

  • MD5

    431f13e1b70222b22ab2d7695ceb27d4

  • SHA1

    b554a5b5bb5a811b97486c75c66a9f63048cc676

  • SHA256

    7e0265e4b600a77260004f128212078062168e647a108527c0212b63c649a7b9

  • SHA512

    443676ce14a9d0492d4a4e7661e9abfc59e609827d1aeb1fd7c237369ed3d7991d259f3dd9c0cf1942764b9274b05ae2a0fa8d66fea2c957613ef6583c81fb2b

  • SSDEEP

    1536:j7vvvCAD10c1P8l+VedZKRo4FZ95WfAKWVbrzQ7JKOtgZPTkR62luIhY7nJdJoOr:DwLWVbrzQ7xylTk9V2AJaXwr5kxk8

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      7e0265e4b600a77260004f128212078062168e647a108527c0212b63c649a7b9

    • Size

      93KB

    • MD5

      431f13e1b70222b22ab2d7695ceb27d4

    • SHA1

      b554a5b5bb5a811b97486c75c66a9f63048cc676

    • SHA256

      7e0265e4b600a77260004f128212078062168e647a108527c0212b63c649a7b9

    • SHA512

      443676ce14a9d0492d4a4e7661e9abfc59e609827d1aeb1fd7c237369ed3d7991d259f3dd9c0cf1942764b9274b05ae2a0fa8d66fea2c957613ef6583c81fb2b

    • SSDEEP

      1536:j7vvvCAD10c1P8l+VedZKRo4FZ95WfAKWVbrzQ7JKOtgZPTkR62luIhY7nJdJoOr:DwLWVbrzQ7xylTk9V2AJaXwr5kxk8

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks