Overview

overview

10

Static

static

8

3394d592dd...a4.xls

windows7-x64

10

3394d592dd...a4.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3394d592ddc92a96cf78232700f4f2a4

  • Size

    322KB

  • Sample

    221213-xxlcdsfe99

  • MD5

    3394d592ddc92a96cf78232700f4f2a4

  • SHA1

    433b979a3d98838d4079aa9ba065c8b5d2849c92

  • SHA256

    c489ca2d4d4e386906369a56af1e447057dcf70fb9add7d7658e870e83bbf668

  • SHA512

    3cff2a520e4e857e10d440d7c91a873def68c28f9f07c52e45539a07aa545273220b6d596f42acf8d2edf4c63f8b9d4aa76e60055b4a05db970280f822e6f22f

  • SSDEEP

    6144:CxEtjPOtioVjDGUU1qfDlavx+Xxz1mR9gni5MGorW1yX5A1kDO/5yT7RS9vFbJMW:YmG

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      3394d592ddc92a96cf78232700f4f2a4

    • Size

      322KB

    • MD5

      3394d592ddc92a96cf78232700f4f2a4

    • SHA1

      433b979a3d98838d4079aa9ba065c8b5d2849c92

    • SHA256

      c489ca2d4d4e386906369a56af1e447057dcf70fb9add7d7658e870e83bbf668

    • SHA512

      3cff2a520e4e857e10d440d7c91a873def68c28f9f07c52e45539a07aa545273220b6d596f42acf8d2edf4c63f8b9d4aa76e60055b4a05db970280f822e6f22f

    • SSDEEP

      6144:CxEtjPOtioVjDGUU1qfDlavx+Xxz1mR9gni5MGorW1yX5A1kDO/5yT7RS9vFbJMW:YmG

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks