General

  • Target

    e62151ef095f34f439fdaa2b49ed85ab

  • Size

    285KB

  • Sample

    230131-v18wrahc45

  • MD5

    e62151ef095f34f439fdaa2b49ed85ab

  • SHA1

    5e3968aaa7aa8e28a1c1748ebc8befc76c5db8d4

  • SHA256

    599d603c93bf5cd03e3e8aa799a8b72652295a0f7fe4e600061670204af6b00e

  • SHA512

    d316ffe3d97cbeb16c1249e8fbd5d884f314812eac43ec0e916f3fe90ef5b47c8e99b45d0732e1b3963526f80037e868bea37729498b5d187d0446ab81a2df59

  • SSDEEP

    3072:hLmn79y02k3//tPffqSRRRDLuTRXnPjAYnOEHEGjq4yWJWDecBGPfeZz1HHebx8v:27Y02k3//sJOEwdMYo8J8COw8

Score
10/10

Malware Config

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

MITRE ATT&CK Matrix

  • Collection

  • Command and Control

  • Credential Access

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Persistence

  • Privilege Escalation

Tasks