Overview

overview

10

Static

static

8

92f7e3a1f6...90.xls

windows7-x64

10

92f7e3a1f6...90.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    92f7e3a1f646f9379fe35b4f786975a828e92765ce2cd500d5f5927865070e90

  • Size

    112KB

  • Sample

    221129-s4ee7sfd21

  • MD5

    26cd8b1a5ef7eae712fb5e0a093675bf

  • SHA1

    2e63fc62dff6999017994e7a26ab14f2c4d00fe4

  • SHA256

    92f7e3a1f646f9379fe35b4f786975a828e92765ce2cd500d5f5927865070e90

  • SHA512

    6652f252cef318d97a1d4362a2ec3e86457cf4344c061fb875c189afbcaa493b62879929de69b1adde0fb86b92cb0e7c48e77ba23495e42e2a0230ff44658139

  • SSDEEP

    3072:9qALvDhVFWVbrzQ7uykTk922AJtXwI5kQU:5myt2

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      92f7e3a1f646f9379fe35b4f786975a828e92765ce2cd500d5f5927865070e90

    • Size

      112KB

    • MD5

      26cd8b1a5ef7eae712fb5e0a093675bf

    • SHA1

      2e63fc62dff6999017994e7a26ab14f2c4d00fe4

    • SHA256

      92f7e3a1f646f9379fe35b4f786975a828e92765ce2cd500d5f5927865070e90

    • SHA512

      6652f252cef318d97a1d4362a2ec3e86457cf4344c061fb875c189afbcaa493b62879929de69b1adde0fb86b92cb0e7c48e77ba23495e42e2a0230ff44658139

    • SSDEEP

      3072:9qALvDhVFWVbrzQ7uykTk922AJtXwI5kQU:5myt2

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks