Overview

overview

10

Static

static

8

201f6d54b3...26.xls

windows7-x64

10

201f6d54b3...26.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    201f6d54b339db3e7972279feeca2726

  • Size

    182KB

  • Sample

    230214-x8c56afa9x

  • MD5

    201f6d54b339db3e7972279feeca2726

  • SHA1

    9a8fcadf3a03846bff5f47a65254c0beb9a12f54

  • SHA256

    dbd47ca15fbb20a66916514bf43e589a47d7a84a6c26246d39e5c219c3bb9544

  • SHA512

    ddda097e84c2d395a4c1ffb3d34533d64a4b79f9a2808d4eed3db30bab3db1a73b6ca55346e686747bf61d2b412d44a8ea99c0d52fe8a9d1986029cc5e3405cb

  • SSDEEP

    3072:EOk3hOdsylKlgryzc4bNhZFGzE+cL2knX/QfeW7OglgAF3NRKE0JtXw7gQpRyT:EOk3hOdsylKlgryzc4bNhZF+E+W2knXS

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      201f6d54b339db3e7972279feeca2726

    • Size

      182KB

    • MD5

      201f6d54b339db3e7972279feeca2726

    • SHA1

      9a8fcadf3a03846bff5f47a65254c0beb9a12f54

    • SHA256

      dbd47ca15fbb20a66916514bf43e589a47d7a84a6c26246d39e5c219c3bb9544

    • SHA512

      ddda097e84c2d395a4c1ffb3d34533d64a4b79f9a2808d4eed3db30bab3db1a73b6ca55346e686747bf61d2b412d44a8ea99c0d52fe8a9d1986029cc5e3405cb

    • SSDEEP

      3072:EOk3hOdsylKlgryzc4bNhZFGzE+cL2knX/QfeW7OglgAF3NRKE0JtXw7gQpRyT:EOk3hOdsylKlgryzc4bNhZF+E+W2knXS

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks