Overview

overview

10

Static

static

8

a227f5a361...76.xls

windows7-x64

1

a227f5a361...76.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a227f5a3611d92aa2456b175b1fbfc8b61a04f99bdba486e4555f474b6f06376

  • Size

    49KB

  • Sample

    221203-pwzvdsbc38

  • MD5

    871cb451edf999be6c50b1fbdf968e2b

  • SHA1

    482f259cecbccd90611ff790d9ddcc33473efc55

  • SHA256

    a227f5a3611d92aa2456b175b1fbfc8b61a04f99bdba486e4555f474b6f06376

  • SHA512

    04154b9cc6fd809e59806bcb4261f8e5d4b8d2e87f32358f20d4c105ada3ec2d6d030ef231f903055a1a2a14041de8b9cdc840e7a9a315d347d5d5daa1b5f5e4

  • SSDEEP

    1536:lTTTRTHSuGXo3PJmTXEdkwPX2H/YWoT1TB0ptmd8aYEDG/:v0ptmFG/

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      a227f5a3611d92aa2456b175b1fbfc8b61a04f99bdba486e4555f474b6f06376

    • Size

      49KB

    • MD5

      871cb451edf999be6c50b1fbdf968e2b

    • SHA1

      482f259cecbccd90611ff790d9ddcc33473efc55

    • SHA256

      a227f5a3611d92aa2456b175b1fbfc8b61a04f99bdba486e4555f474b6f06376

    • SHA512

      04154b9cc6fd809e59806bcb4261f8e5d4b8d2e87f32358f20d4c105ada3ec2d6d030ef231f903055a1a2a14041de8b9cdc840e7a9a315d347d5d5daa1b5f5e4

    • SSDEEP

      1536:lTTTRTHSuGXo3PJmTXEdkwPX2H/YWoT1TB0ptmd8aYEDG/:v0ptmFG/

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks