Overview

overview

10

Static

static

8

7600e46b1a...5a.xls

windows7-x64

10

7600e46b1a...5a.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7600e46b1ad89168e4315759068fc55a

  • Size

    173KB

  • Sample

    230214-x8a1ssff83

  • MD5

    7600e46b1ad89168e4315759068fc55a

  • SHA1

    3967e02c4126829e6a276918a4ce4af2b121da05

  • SHA256

    efb42b166ff6fa0da650c32c247047daa397a08cebb9cae0c7034a4a3e1b1c6f

  • SHA512

    563cf02c05e055a3c4e0fdd3c9c5bed3ac6554fbcb87a1c9e732d06dd2afaab3db001f6c5a2dd53cdc378880ac480a9d788f3b59bf0f4507366c0f2a5c638e8f

  • SSDEEP

    3072:8+IH1OxQKxy5gfaf8kDfsQmN3psWUZZR/Qse7sUguglgAQ3NRSw/JtXwkDKSZ:8+IH1OxQKxy5gfaf8kDfsQmN3psWUZZY

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      7600e46b1ad89168e4315759068fc55a

    • Size

      173KB

    • MD5

      7600e46b1ad89168e4315759068fc55a

    • SHA1

      3967e02c4126829e6a276918a4ce4af2b121da05

    • SHA256

      efb42b166ff6fa0da650c32c247047daa397a08cebb9cae0c7034a4a3e1b1c6f

    • SHA512

      563cf02c05e055a3c4e0fdd3c9c5bed3ac6554fbcb87a1c9e732d06dd2afaab3db001f6c5a2dd53cdc378880ac480a9d788f3b59bf0f4507366c0f2a5c638e8f

    • SSDEEP

      3072:8+IH1OxQKxy5gfaf8kDfsQmN3psWUZZR/Qse7sUguglgAQ3NRSw/JtXwkDKSZ:8+IH1OxQKxy5gfaf8kDfsQmN3psWUZZY

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks