Overview

overview

10

Static

static

8

c1d8e0bb3f...a3.xls

windows7-x64

10

c1d8e0bb3f...a3.xls

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    c1d8e0bb3ff3fcc6d33e652ca1551a24bbe66d8b687040265b3929aa81e9b0a3

  • Size

    95KB

  • Sample

    221205-rpxgssgg56

  • MD5

    e451e7731c00965ba0e2e84215e87883

  • SHA1

    93d23ecbd2bfb03e7e89864d79af451bcabe148f

  • SHA256

    c1d8e0bb3ff3fcc6d33e652ca1551a24bbe66d8b687040265b3929aa81e9b0a3

  • SHA512

    3f50bd33b82d2786224048f12d7f5270535b61b181383e3076bfda4a570ea1d471478228b7282cc6e071210fb54aed083520052f5cb0da3f3a42347e5e071745

  • SSDEEP

    1536:wyyy2doUu6UOKiBWGWVbrzQ7Iws4FpkbA23uM88SJJtXwQkEq:+WVbrzQ7ItgkZrj0JtXwFEq

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      c1d8e0bb3ff3fcc6d33e652ca1551a24bbe66d8b687040265b3929aa81e9b0a3

    • Size

      95KB

    • MD5

      e451e7731c00965ba0e2e84215e87883

    • SHA1

      93d23ecbd2bfb03e7e89864d79af451bcabe148f

    • SHA256

      c1d8e0bb3ff3fcc6d33e652ca1551a24bbe66d8b687040265b3929aa81e9b0a3

    • SHA512

      3f50bd33b82d2786224048f12d7f5270535b61b181383e3076bfda4a570ea1d471478228b7282cc6e071210fb54aed083520052f5cb0da3f3a42347e5e071745

    • SSDEEP

      1536:wyyy2doUu6UOKiBWGWVbrzQ7Iws4FpkbA23uM88SJJtXwQkEq:+WVbrzQ7ItgkZrj0JtXwFEq

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks