Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

5ab773c02727b145ed54b44f2958ccb6
Size

289KB
Sample

230131-v2bmmsbb6s
MD5

5ab773c02727b145ed54b44f2958ccb6
SHA1

1d53be4a8374d8d93d1ffce5b1883c576a1d4102
SHA256

cd60e1d6118e22064957380a8560864383002669727845475c3952a0a9d73976
SHA512

3678a908bc8b35486e5a5169e21674845ba0821a0bad0286a058422835ac35f2a0ece3150aa4486760a787e06abf954dbed5433aa6b9c527fc0963fef49b0b51
SSDEEP

3072:3P99KZ26S+xPffpSRRRDLuTUXnPjAYmOEHEGjq4yW9WDecBGPfeZh1HHebx8kAP7:/9YZ26S+PW5EwNMY68h8CO3

Score

10^/10

macro xlm

Malware Config

Targets

- Target
  
  5ab773c02727b145ed54b44f2958ccb6
- Size
  
  289KB
- MD5
  
  5ab773c02727b145ed54b44f2958ccb6
- SHA1
  
  1d53be4a8374d8d93d1ffce5b1883c576a1d4102
- SHA256
  
  cd60e1d6118e22064957380a8560864383002669727845475c3952a0a9d73976
- SHA512
  
  3678a908bc8b35486e5a5169e21674845ba0821a0bad0286a058422835ac35f2a0ece3150aa4486760a787e06abf954dbed5433aa6b9c527fc0963fef49b0b51
- SSDEEP
  
  3072:3P99KZ26S+xPffpSRRRDLuTUXnPjAYmOEHEGjq4yW9WDecBGPfeZh1HHebx8kAP7:/9YZ26S+PW5EwNMY68h8CO3
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

behavioral2