Overview

overview

10

Static

static

8

347b6c6773...ac.xls

windows7-x64

347b6c6773...ac.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    347b6c6773dea2ba535b103b71eee2ac

  • Size

    364KB

  • Sample

    230131-v6q8wsbc3v

  • MD5

    347b6c6773dea2ba535b103b71eee2ac

  • SHA1

    0cfc0bc896b565e0956851c09627f21d31a885b2

  • SHA256

    380c84d48cd130ba3d784421c9a175debe7c7108db06da283b44549cccdfd77d

  • SHA512

    7f24626d0876d2ca1bc7e1c5b3fefd19e357b05aa03daab511379f571aeabde8d704cd1060c3a7b6f5d6c0d070b7ff79cf58ec701df6d1580d1d313f601eec58

  • SSDEEP

    3072:KXBlllllllllllllllllllllllllXO7WXW1+cCUQCiWqAZffIXdHMnIr2FhqDow2:97WXWkWvfhWYlF73k

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      347b6c6773dea2ba535b103b71eee2ac

    • Size

      364KB

    • MD5

      347b6c6773dea2ba535b103b71eee2ac

    • SHA1

      0cfc0bc896b565e0956851c09627f21d31a885b2

    • SHA256

      380c84d48cd130ba3d784421c9a175debe7c7108db06da283b44549cccdfd77d

    • SHA512

      7f24626d0876d2ca1bc7e1c5b3fefd19e357b05aa03daab511379f571aeabde8d704cd1060c3a7b6f5d6c0d070b7ff79cf58ec701df6d1580d1d313f601eec58

    • SSDEEP

      3072:KXBlllllllllllllllllllllllllXO7WXW1+cCUQCiWqAZffIXdHMnIr2FhqDow2:97WXWkWvfhWYlF73k

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks