Overview

overview

10

Static

static

8

9979bd4587...25.xls

windows7-x64

10

9979bd4587...25.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9979bd45876554b8a7d6570107cfcc25

  • Size

    154KB

  • Sample

    221213-xxakwsac6v

  • MD5

    9979bd45876554b8a7d6570107cfcc25

  • SHA1

    7ae2f4d29e365685e669dd4dc9fde2a662cae8cc

  • SHA256

    fa9a5c0e0652c1063b7073c626559318e8e093dc82c3459e5ecc641dfcd782a4

  • SHA512

    9442e6061029d7623e8b87087385ca3d1c220e575fddc3014cc44fe0eb5b7a16b527d1d333fd070069d47d351d41b2bfc749230113913d62b423d38efea7648d

  • SSDEEP

    1536:/GhsZedcvfePiH4z1XsL/RSbfzE0ysSruPTFAdy7z2VRK7hj2jcc0lbxOrqo14/6:kysyuPTKdY2jcc0lbxOG2CSMOwAtfRT

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      9979bd45876554b8a7d6570107cfcc25

    • Size

      154KB

    • MD5

      9979bd45876554b8a7d6570107cfcc25

    • SHA1

      7ae2f4d29e365685e669dd4dc9fde2a662cae8cc

    • SHA256

      fa9a5c0e0652c1063b7073c626559318e8e093dc82c3459e5ecc641dfcd782a4

    • SHA512

      9442e6061029d7623e8b87087385ca3d1c220e575fddc3014cc44fe0eb5b7a16b527d1d333fd070069d47d351d41b2bfc749230113913d62b423d38efea7648d

    • SSDEEP

      1536:/GhsZedcvfePiH4z1XsL/RSbfzE0ysSruPTFAdy7z2VRK7hj2jcc0lbxOrqo14/6:kysyuPTKdY2jcc0lbxOG2CSMOwAtfRT

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks