Overview

overview

10

Static

static

8

9313061b9e...87.xls

windows7-x64

10

9313061b9e...87.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9313061b9eb76d37794530de42f74287

  • Size

    207KB

  • Sample

    230117-1ylw4adc5x

  • MD5

    9313061b9eb76d37794530de42f74287

  • SHA1

    5a98d5faf3d69a9cc9843f27cd99a787bbce98d2

  • SHA256

    a4605f752fe432b52836d0f05ddce5c33270f7bd7c28b126e75b2e731e24d588

  • SHA512

    ecb7e6f57d130616dba26d3959e2bd77dbebe11c5964db47cd2c7edffd5aaeb35d017fd1af2d4c81b6b59a0101183b134e2ed6fd4042e139abbf2de777fe959a

  • SSDEEP

    1536:mZKvCTTTT3irSbAx2b64z2tUiWVbrEr4BjJQ7ITkR62l4ozWWt2XKsPFJM2M/MJG:mZKvfWVbrZNQ7ITk9Tyab5kJD6

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      9313061b9eb76d37794530de42f74287

    • Size

      207KB

    • MD5

      9313061b9eb76d37794530de42f74287

    • SHA1

      5a98d5faf3d69a9cc9843f27cd99a787bbce98d2

    • SHA256

      a4605f752fe432b52836d0f05ddce5c33270f7bd7c28b126e75b2e731e24d588

    • SHA512

      ecb7e6f57d130616dba26d3959e2bd77dbebe11c5964db47cd2c7edffd5aaeb35d017fd1af2d4c81b6b59a0101183b134e2ed6fd4042e139abbf2de777fe959a

    • SSDEEP

      1536:mZKvCTTTT3irSbAx2b64z2tUiWVbrEr4BjJQ7ITkR62l4ozWWt2XKsPFJM2M/MJG:mZKvfWVbrZNQ7ITk9Tyab5kJD6

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks