General

  • Target

    1e363ab42817c172e29488a766ac3ef5f6e824b2b869d1d9f1943a91806da136.xlsx

  • Size

    4MB

  • Sample

    230130-c4qkgafd7s

  • MD5

    0044c492946505a1338347bc9181b041

  • SHA1

    e3d213f375ab76c2a5d099fcd1f66831ff0dc9d3

  • SHA256

    1e363ab42817c172e29488a766ac3ef5f6e824b2b869d1d9f1943a91806da136

  • SHA512

    86c6b6db730fbad1637acbc2619954dd333e0e4c798a762ce8e28f3567a68e189a7b4694a1013783e07b8dfe0d245ca017d21e2b5f33b9a46cb2ab16871bb2e2

  • SSDEEP

    98304:9v4K91f7vFpQ+g8RFpiLd+8kLD84tCEr0RtNiC5eSsNMt+r+WC1HnKHnn3BBXXXs:9vpvFa+g8RWLdPk/84tCEr0RtNiC5eSt

Malware Config

Targets

    • Target

      1e363ab42817c172e29488a766ac3ef5f6e824b2b869d1d9f1943a91806da136.xlsx

    Score
    6/10
    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks