Overview

overview

10

Static

static

8

89409067a2...a7.xls

windows7-x64

10

89409067a2...a7.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    89409067a2a0388638b5b0bae079a3a7

  • Size

    330KB

  • Sample

    221213-xxmkfsac7x

  • MD5

    89409067a2a0388638b5b0bae079a3a7

  • SHA1

    75332b5fb4ae94e2975dd7d610b72f5fa92bfdee

  • SHA256

    3a38c30c0828f6ad2ff85b53453db2529cc289595c81a24a47c99b569f163107

  • SHA512

    850443928fbcc164ff905f9d68b0226324a8f2f7f4836c4bd8f9cdb42f0240b613c9c93147868ba1c269f3d4dd410a3cef0fcb9fa05f8863d3ee6ef298ce0074

  • SSDEEP

    6144:OxEtjPOtioVjDGUU1qfDlavx+Xxz1mR9gni5MGorW1yX5A1kDOs56jCjlEGOtMg:HmI

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      89409067a2a0388638b5b0bae079a3a7

    • Size

      330KB

    • MD5

      89409067a2a0388638b5b0bae079a3a7

    • SHA1

      75332b5fb4ae94e2975dd7d610b72f5fa92bfdee

    • SHA256

      3a38c30c0828f6ad2ff85b53453db2529cc289595c81a24a47c99b569f163107

    • SHA512

      850443928fbcc164ff905f9d68b0226324a8f2f7f4836c4bd8f9cdb42f0240b613c9c93147868ba1c269f3d4dd410a3cef0fcb9fa05f8863d3ee6ef298ce0074

    • SSDEEP

      6144:OxEtjPOtioVjDGUU1qfDlavx+Xxz1mR9gni5MGorW1yX5A1kDOs56jCjlEGOtMg:HmI

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks