Overview

overview

10

Static

static

8

26d2b3a92f...67.xls

windows7-x64

10

26d2b3a92f...67.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    26d2b3a92fda89574c74d396d85dec67

  • Size

    117KB

  • Sample

    230131-v529rsbc2y

  • MD5

    26d2b3a92fda89574c74d396d85dec67

  • SHA1

    5c239039f7f736427ff061f9c448664bafc1007e

  • SHA256

    eae8c6ea0030850478baf007d3253bc9dbf9c2d32770ba7849854fcb3c20a493

  • SHA512

    12450744f25ec19ababe14a279c26cbdb3ffffc4abed302d234c4fc7b8b6a9b503feca787af6d05db42c4451fed933a2c32609de4d0ecd34fdfefc73ec446ada

  • SSDEEP

    1536:T4HPa4Rz/Sbj13z/vHfQseqZyC23udv3OglgAb3NRKBqN/WwF1klo0UviBuEUIzC:pyC23yOglgAb3NRKEJhwzHKxyTk

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      26d2b3a92fda89574c74d396d85dec67

    • Size

      117KB

    • MD5

      26d2b3a92fda89574c74d396d85dec67

    • SHA1

      5c239039f7f736427ff061f9c448664bafc1007e

    • SHA256

      eae8c6ea0030850478baf007d3253bc9dbf9c2d32770ba7849854fcb3c20a493

    • SHA512

      12450744f25ec19ababe14a279c26cbdb3ffffc4abed302d234c4fc7b8b6a9b503feca787af6d05db42c4451fed933a2c32609de4d0ecd34fdfefc73ec446ada

    • SSDEEP

      1536:T4HPa4Rz/Sbj13z/vHfQseqZyC23udv3OglgAb3NRKBqN/WwF1klo0UviBuEUIzC:pyC23yOglgAb3NRKEJhwzHKxyTk

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks