Overview

overview

10

Static

static

8

7db88a1eb2...72.xls

windows7-x64

10

7db88a1eb2...72.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7db88a1eb26f1efd0551c1741bd9a372

  • Size

    147KB

  • Sample

    230111-xntbmsdh86

  • MD5

    7db88a1eb26f1efd0551c1741bd9a372

  • SHA1

    1441a32805036fae408d408d55f4059bd5cf1662

  • SHA256

    48b74204b30980085300e2ce5f0581b5a46629a8a48c511cd7f8a353f8fa8be4

  • SHA512

    13e48f278a1557451f29fbbc24aad0a72a4b9aa76c1acce00fbf38de6ecd83da39d7132ef6d67367209f9f276ebb5dce07594b1c3a32f34e73598b8657266841

  • SSDEEP

    1536:yjjjnKHrjpeTGurjFjKrfnpNuEwYBhWxNSyjBp4vvX24UZ950F9Tz7F1UmR7N/A1:WyH9AyWF2jcc0lbxOr4np48z

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      7db88a1eb26f1efd0551c1741bd9a372

    • Size

      147KB

    • MD5

      7db88a1eb26f1efd0551c1741bd9a372

    • SHA1

      1441a32805036fae408d408d55f4059bd5cf1662

    • SHA256

      48b74204b30980085300e2ce5f0581b5a46629a8a48c511cd7f8a353f8fa8be4

    • SHA512

      13e48f278a1557451f29fbbc24aad0a72a4b9aa76c1acce00fbf38de6ecd83da39d7132ef6d67367209f9f276ebb5dce07594b1c3a32f34e73598b8657266841

    • SSDEEP

      1536:yjjjnKHrjpeTGurjFjKrfnpNuEwYBhWxNSyjBp4vvX24UZ950F9Tz7F1UmR7N/A1:WyH9AyWF2jcc0lbxOr4np48z

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks