Overview

overview

10

Static

static

8

a7d9d492ec...2.xlsm

windows7-x64

10

a7d9d492ec...2.xlsm

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a7d9d492ecd259ff1e73cf5ddf7920e80c1215e1d3b197dc2212249d3cdeee82

  • Size

    67KB

  • Sample

    221130-s1224afc7y

  • MD5

    ca16baa7a5f27fb4bf6b45285d070144

  • SHA1

    a4234b5d2174c79949f8c7390a0a595d6fd7ce25

  • SHA256

    a7d9d492ecd259ff1e73cf5ddf7920e80c1215e1d3b197dc2212249d3cdeee82

  • SHA512

    bb68f30bd60c32917c00bbc43498e76c6e634368f34d876012a6e8d9eb4327eb453ada6088fa17c83eda80fcf067d8a2d0bd8eae500ce9eabd5a26213644d3b0

  • SSDEEP

    1536:L0MmCrmQDlkIHgd2jlR6druM1O7fd7lCPdA/Z0yXILLQGTuBP2GyiZ:IxC5rK2mBuM1ylCPdAZmzTKdH

Score
10/10
macro

Malware Config

Targets

    • Target

      a7d9d492ecd259ff1e73cf5ddf7920e80c1215e1d3b197dc2212249d3cdeee82

    • Size

      67KB

    • MD5

      ca16baa7a5f27fb4bf6b45285d070144

    • SHA1

      a4234b5d2174c79949f8c7390a0a595d6fd7ce25

    • SHA256

      a7d9d492ecd259ff1e73cf5ddf7920e80c1215e1d3b197dc2212249d3cdeee82

    • SHA512

      bb68f30bd60c32917c00bbc43498e76c6e634368f34d876012a6e8d9eb4327eb453ada6088fa17c83eda80fcf067d8a2d0bd8eae500ce9eabd5a26213644d3b0

    • SSDEEP

      1536:L0MmCrmQDlkIHgd2jlR6druM1O7fd7lCPdA/Z0yXILLQGTuBP2GyiZ:IxC5rK2mBuM1ylCPdAZmzTKdH

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks