Overview

overview

10

Static

static

8

7e68306ef4...cb.xls

windows7-x64

10

7e68306ef4...cb.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7e68306ef41fdf20636642d9a3c4f7cb

  • Size

    84KB

  • Sample

    221213-xw9nlaac6t

  • MD5

    7e68306ef41fdf20636642d9a3c4f7cb

  • SHA1

    631b9a0fe43febf0003b11568d1ca353a374f8cf

  • SHA256

    0aac162ca42b653ae80ae2f0918e002e4e3d6d4c1e7a19c6645ad431e78f749e

  • SHA512

    4ca4d2a2aa35f00de0510b8d03cbabd2ef95c2dbffc9122db512e94e649cfabadb74d083837a90dd2fdeb6621b76cbd1fe7ae22df2d4aeeeeb712400df318ee3

  • SSDEEP

    1536:9NNNNhY1pwb/i2jcc0lbxOvTglVDKaU/WwF1SWs4o:QN2jcc0lbxOr4D3W7s4o

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      7e68306ef41fdf20636642d9a3c4f7cb

    • Size

      84KB

    • MD5

      7e68306ef41fdf20636642d9a3c4f7cb

    • SHA1

      631b9a0fe43febf0003b11568d1ca353a374f8cf

    • SHA256

      0aac162ca42b653ae80ae2f0918e002e4e3d6d4c1e7a19c6645ad431e78f749e

    • SHA512

      4ca4d2a2aa35f00de0510b8d03cbabd2ef95c2dbffc9122db512e94e649cfabadb74d083837a90dd2fdeb6621b76cbd1fe7ae22df2d4aeeeeb712400df318ee3

    • SSDEEP

      1536:9NNNNhY1pwb/i2jcc0lbxOvTglVDKaU/WwF1SWs4o:QN2jcc0lbxOr4D3W7s4o

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks