Overview

overview

10

Static

static

8

a8a8dfbdb9...c0.xls

windows7-x64

1

a8a8dfbdb9...c0.xls

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    a8a8dfbdb992f52df91ff8171a9f87ca5b6387c6d73934816891b1367c387dc0

  • Size

    55KB

  • Sample

    221201-mrhdfadh7z

  • MD5

    fa8615921a34200f81a4bcf279491027

  • SHA1

    8f3c9f1fe3352ccc29b4a4610fe7dfe98e59889e

  • SHA256

    a8a8dfbdb992f52df91ff8171a9f87ca5b6387c6d73934816891b1367c387dc0

  • SHA512

    0b5655ab81fe23e2636bd77c8729c8bc6c35bae256bcb39bd40aff0fb2ea81b74490946095a36df229ee92b36e7391f7f8534638d195bb3d6acd018e17536624

  • SSDEEP

    1536:iJJJlk7xUAreiaL+QD8YI7fgAJLfD6dUhGomQNe1tmd8aYwGl/196RvHP+oxy132:+se1tmC/196RvHP+oxy13gN/MeEaLjGm

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      a8a8dfbdb992f52df91ff8171a9f87ca5b6387c6d73934816891b1367c387dc0

    • Size

      55KB

    • MD5

      fa8615921a34200f81a4bcf279491027

    • SHA1

      8f3c9f1fe3352ccc29b4a4610fe7dfe98e59889e

    • SHA256

      a8a8dfbdb992f52df91ff8171a9f87ca5b6387c6d73934816891b1367c387dc0

    • SHA512

      0b5655ab81fe23e2636bd77c8729c8bc6c35bae256bcb39bd40aff0fb2ea81b74490946095a36df229ee92b36e7391f7f8534638d195bb3d6acd018e17536624

    • SSDEEP

      1536:iJJJlk7xUAreiaL+QD8YI7fgAJLfD6dUhGomQNe1tmd8aYwGl/196RvHP+oxy132:+se1tmC/196RvHP+oxy13gN/MeEaLjGm

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks