6f4bc12fce56cce118a4dc54370e85f56c49d3822d642e753e3117a48e394cb7 | Triage

Submit
Reports

Overview

overview

Static

static

8

6f4bc12fce...b7.xls

windows7-x64

6f4bc12fce...b7.xls

windows10-2004-x64

Sharing

General

Target

6f4bc12fce56cce118a4dc54370e85f56c49d3822d642e753e3117a48e394cb7.xls
Size

1.8MB
Sample

230124-3pzgyafg91
MD5

8d2de24d19d8da03725a0af84ab23aac
SHA1

70f230b9b0fc7646e3d1bc3c7c5cb00b54b58219
SHA256

6f4bc12fce56cce118a4dc54370e85f56c49d3822d642e753e3117a48e394cb7
SHA512

7da3809579b69a526b6f6879eb00e76428ba391899273f44693d8b603d699bf9d549327ce06f9a77a4680c64f338a01ec3d1c7b5b2c27a76b83158fb792500ad
SSDEEP

6144:MxEtjPOtioVjDGUU1qfDlavx+W2QnAgp778tta:3ots

Score

10^/10

evasion macro macro_on_action

Static task

static1

macro macro_on_action

2 signatures

Behavioral task

behavioral1

Sample

6f4bc12fce56cce118a4dc54370e85f56c49d3822d642e753e3117a48e394cb7.xls

Resource

win7-20220812-en

windows7-x64

12 signatures

60 seconds

Behavioral task

behavioral2

Sample

6f4bc12fce56cce118a4dc54370e85f56c49d3822d642e753e3117a48e394cb7.xls

Resource

win10v2004-20221111-en

windows10-2004-x64

9 signatures

60 seconds

Malware Config

Targets

- Target
  
  6f4bc12fce56cce118a4dc54370e85f56c49d3822d642e753e3117a48e394cb7.xls
- Size
  
  1.8MB
- MD5
  
  8d2de24d19d8da03725a0af84ab23aac
- SHA1
  
  70f230b9b0fc7646e3d1bc3c7c5cb00b54b58219
- SHA256
  
  6f4bc12fce56cce118a4dc54370e85f56c49d3822d642e753e3117a48e394cb7
- SHA512
  
  7da3809579b69a526b6f6879eb00e76428ba391899273f44693d8b603d699bf9d549327ce06f9a77a4680c64f338a01ec3d1c7b5b2c27a76b83158fb792500ad
- SSDEEP
  
  6144:MxEtjPOtioVjDGUU1qfDlavx+W2QnAgp778tta:3ots
Score

10^/10

evasion
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Hidden Files and Directories

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2024

Terms | Privacy