Overview

overview

10

Static

static

8

df8b625626...9e.xls

windows7-x64

10

df8b625626...9e.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    df8b625626e004349aee5e9eabc2eba4928efd0aa3b079d31b9a42a254d7799e

  • Size

    94KB

  • Sample

    221206-rtqvtaac6s

  • MD5

    3972d82771a3e1ae38ec01ee1a4d082e

  • SHA1

    4b56ebfc0ea5f175a35cdaf7c64d4131c6037784

  • SHA256

    df8b625626e004349aee5e9eabc2eba4928efd0aa3b079d31b9a42a254d7799e

  • SHA512

    aff1f1a7627fb4cbde8ac1dcd0fbc58f0810779ceba78ef2a423577894426c406106d795c52e97a0e70a11f17064b59a604193d91efeca172961c5e5836a745e

  • SSDEEP

    1536:J+++qIEZ4jQssmnzP5PWVbrzQ7INzn1kbA23DM88ScJ5XwSpDxOn:+WVbrzQ7IrkZwjhJ5Xw7n

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      df8b625626e004349aee5e9eabc2eba4928efd0aa3b079d31b9a42a254d7799e

    • Size

      94KB

    • MD5

      3972d82771a3e1ae38ec01ee1a4d082e

    • SHA1

      4b56ebfc0ea5f175a35cdaf7c64d4131c6037784

    • SHA256

      df8b625626e004349aee5e9eabc2eba4928efd0aa3b079d31b9a42a254d7799e

    • SHA512

      aff1f1a7627fb4cbde8ac1dcd0fbc58f0810779ceba78ef2a423577894426c406106d795c52e97a0e70a11f17064b59a604193d91efeca172961c5e5836a745e

    • SSDEEP

      1536:J+++qIEZ4jQssmnzP5PWVbrzQ7INzn1kbA23DM88ScJ5XwSpDxOn:+WVbrzQ7IrkZwjhJ5Xw7n

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks