ffc9eca5a1e84b5ebe2d3f7124efbd48d96d24686b429f09743359370f915760 | Triage

Submit
Reports

Overview

overview

Static

static

8

ffc9eca5a1...0.xlsm

windows7-x64

ffc9eca5a1...0.xlsm

windows10-2004-x64

Sharing

General

Target

ffc9eca5a1e84b5ebe2d3f7124efbd48d96d24686b429f09743359370f915760
Size

19KB
Sample

221130-s434kada54
MD5

e1add0c2917aaf34236db315da09d8f2
SHA1

3460271d345cc4ba4ab112c5abe04e40e483145e
SHA256

ffc9eca5a1e84b5ebe2d3f7124efbd48d96d24686b429f09743359370f915760
SHA512

e041cf1b0c4aeb491488b027d08ea5c2febd640ce08166f5610e9baf783b2eacf39bd23591c3325255e67d548acca49ba72aeff9f0afcaa0505331f8ce252ecc
SSDEEP

384:+2QdQ5yunO0qEF6C4zfusWGCVXToqIJPXaxq5:+U5D6EFTcKdKMc

Score

10^/10

macro

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ffc9eca5a1e84b5ebe2d3f7124efbd48d96d24686b429f09743359370f915760.xlsm

Resource

win7-20220812-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

ffc9eca5a1e84b5ebe2d3f7124efbd48d96d24686b429f09743359370f915760.xlsm

Resource

win10v2004-20220901-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://panelonetwothree.ga/work/6.exe

Targets

- Target
  
  ffc9eca5a1e84b5ebe2d3f7124efbd48d96d24686b429f09743359370f915760
- Size
  
  19KB
- MD5
  
  e1add0c2917aaf34236db315da09d8f2
- SHA1
  
  3460271d345cc4ba4ab112c5abe04e40e483145e
- SHA256
  
  ffc9eca5a1e84b5ebe2d3f7124efbd48d96d24686b429f09743359370f915760
- SHA512
  
  e041cf1b0c4aeb491488b027d08ea5c2febd640ce08166f5610e9baf783b2eacf39bd23591c3325255e67d548acca49ba72aeff9f0afcaa0505331f8ce252ecc
- SSDEEP
  
  384:+2QdQ5yunO0qEF6C4zfusWGCVXToqIJPXaxq5:+U5D6EFTcKdKMc
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy