Overview

overview

10

Static

static

8

ca9141d70a...59.xls

windows7-x64

10

ca9141d70a...59.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ca9141d70ac492e6adb61f3c7e14ed59

  • Size

    289KB

  • Sample

    230131-v12gnsbb51

  • MD5

    ca9141d70ac492e6adb61f3c7e14ed59

  • SHA1

    56ebf9533953af1c34f3bc89b527c78fecb1cbce

  • SHA256

    b6a2a4a911c808f75204b6fbf55a0fc4c6408b0240d3f59e8e5933b186a1d68f

  • SHA512

    73ad90fc3017ff4424e8b805655ba31976e174dd815786ccc5230d359b5c33af0c025692a285f5150031a0d8d04df143e61a1f3783369738f82643784be43834

  • SSDEEP

    3072:LP99KZ26S+xPffpSRRRDLuTUXnPjAYmOEHEGjq4yW9WDecBGPfeZh1HHebx8kAP7:D9YZ26S+PW5EwNMY68h8CO3

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      ca9141d70ac492e6adb61f3c7e14ed59

    • Size

      289KB

    • MD5

      ca9141d70ac492e6adb61f3c7e14ed59

    • SHA1

      56ebf9533953af1c34f3bc89b527c78fecb1cbce

    • SHA256

      b6a2a4a911c808f75204b6fbf55a0fc4c6408b0240d3f59e8e5933b186a1d68f

    • SHA512

      73ad90fc3017ff4424e8b805655ba31976e174dd815786ccc5230d359b5c33af0c025692a285f5150031a0d8d04df143e61a1f3783369738f82643784be43834

    • SSDEEP

      3072:LP99KZ26S+xPffpSRRRDLuTUXnPjAYmOEHEGjq4yW9WDecBGPfeZh1HHebx8kAP7:D9YZ26S+PW5EwNMY68h8CO3

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

        Discovery

        Execution

          Exfiltration

            Impact

              Initial Access

                Lateral Movement

                  Persistence

                    Privilege Escalation

                      Tasks