Overview

overview

10

Static

static

8

b86ead4448...5e.xls

windows7-x64

10

b86ead4448...5e.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b86ead4448296e1488cb84fbea21284d2013c833dff64f7481e5ebb4cb7c595e

  • Size

    78KB

  • Sample

    221207-hyxpgsee84

  • MD5

    91373bc59221183f9578f9b141e134df

  • SHA1

    5b45d105db8d2713bf5ff03c47e41c53b1f1944b

  • SHA256

    b86ead4448296e1488cb84fbea21284d2013c833dff64f7481e5ebb4cb7c595e

  • SHA512

    1628c88a02cd2db36187d11ecae1bf248359099865c31248ab5ffc9c20518f775f34ce65bf2b8dc80edec25c3937a730d7bd57f4cdd8c7a31962a7eaaba35e10

  • SSDEEP

    1536:zmjjjUx6Rh2jcc0lbxOqTgZHM88ScJtXwx/Xx:q2jcc0lbxOKFjhJtXwFXx

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      b86ead4448296e1488cb84fbea21284d2013c833dff64f7481e5ebb4cb7c595e

    • Size

      78KB

    • MD5

      91373bc59221183f9578f9b141e134df

    • SHA1

      5b45d105db8d2713bf5ff03c47e41c53b1f1944b

    • SHA256

      b86ead4448296e1488cb84fbea21284d2013c833dff64f7481e5ebb4cb7c595e

    • SHA512

      1628c88a02cd2db36187d11ecae1bf248359099865c31248ab5ffc9c20518f775f34ce65bf2b8dc80edec25c3937a730d7bd57f4cdd8c7a31962a7eaaba35e10

    • SSDEEP

      1536:zmjjjUx6Rh2jcc0lbxOqTgZHM88ScJtXwx/Xx:q2jcc0lbxOKFjhJtXwFXx

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks