c9d70a39cc8e026a8675048138a017939c3a23043682e8e94db73d0d7759852d | Triage

Submit
Reports

Overview

overview

Static

static

8

c9d70a39cc...2d.xls

windows7-x64

c9d70a39cc...2d.xls

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

Target

c9d70a39cc8e026a8675048138a017939c3a23043682e8e94db73d0d7759852d
Size

160KB
Sample

221201-nc4hssce94
MD5

430db1887b7032cd5b9ab3ec25d368cd
SHA1

45975e133424cf65b6c77812f7af21653a41ac87
SHA256

c9d70a39cc8e026a8675048138a017939c3a23043682e8e94db73d0d7759852d
SHA512

fde87a9052febbcc5e83dd539c3071807b1c403302290b2790c685adc6b4fdb866184ae25aa4dbf5e566bb9172187564754c0109382ee12b4967e5e7662adb7e
SSDEEP

3072:GweK5DSzjWBNOvHWPJgkxK0cTy8Tl3woek2jcc0lbxOrBiJtXwfGa:Gw7Jp6aG

Score

10^/10

macro xlm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c9d70a39cc8e026a8675048138a017939c3a23043682e8e94db73d0d7759852d.xls

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

c9d70a39cc8e026a8675048138a017939c3a23043682e8e94db73d0d7759852d.xls

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  c9d70a39cc8e026a8675048138a017939c3a23043682e8e94db73d0d7759852d
- Size
  
  160KB
- MD5
  
  430db1887b7032cd5b9ab3ec25d368cd
- SHA1
  
  45975e133424cf65b6c77812f7af21653a41ac87
- SHA256
  
  c9d70a39cc8e026a8675048138a017939c3a23043682e8e94db73d0d7759852d
- SHA512
  
  fde87a9052febbcc5e83dd539c3071807b1c403302290b2790c685adc6b4fdb866184ae25aa4dbf5e566bb9172187564754c0109382ee12b4967e5e7662adb7e
- SSDEEP
  
  3072:GweK5DSzjWBNOvHWPJgkxK0cTy8Tl3woek2jcc0lbxOrBiJtXwfGa:Gw7Jp6aG
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy