6aa51734ed8a05663cecb834d9648646c0f9d34e44f199d32f03bdb7879f6f8e | Triage

Submit
Reports

Overview

overview

Static

static

8

cd53c3fd1f...0c.xls

windows7-x64

cd53c3fd1f...0c.xls

windows10-2004-x64

Sharing

General

Target

cd53c3fd1f38a888e2160fcab9e8510c
Size

300KB
Sample

230221-vnkndsff38
MD5

cd53c3fd1f38a888e2160fcab9e8510c
SHA1

e410c6194a6537170a3b6935f7387301aaf476b3
SHA256

6aa51734ed8a05663cecb834d9648646c0f9d34e44f199d32f03bdb7879f6f8e
SHA512

32f67495298b65a1ec6e87c8d0ba299e125d77b37e0e2be1a8f5906c6fdf2959ccc976fa433a9fdf3fb1a9c8bb82f984149b762f5c33949e504f808792a37b14
SSDEEP

3072:k8mfmqkCTW93CRB1XqvvDSadXVp0EQZyPcCdxpHJ8rfVr8TF/2oLwdxE2gXdNnaQ:smqkCTWZvF7dd4x/fYClHVenJA

Score

10^/10

macro xlm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cd53c3fd1f38a888e2160fcab9e8510c.xls

Resource

win7-20230220-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

cd53c3fd1f38a888e2160fcab9e8510c.xls

Resource

win10v2004-20230221-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  cd53c3fd1f38a888e2160fcab9e8510c
- Size
  
  300KB
- MD5
  
  cd53c3fd1f38a888e2160fcab9e8510c
- SHA1
  
  e410c6194a6537170a3b6935f7387301aaf476b3
- SHA256
  
  6aa51734ed8a05663cecb834d9648646c0f9d34e44f199d32f03bdb7879f6f8e
- SHA512
  
  32f67495298b65a1ec6e87c8d0ba299e125d77b37e0e2be1a8f5906c6fdf2959ccc976fa433a9fdf3fb1a9c8bb82f984149b762f5c33949e504f808792a37b14
- SSDEEP
  
  3072:k8mfmqkCTW93CRB1XqvvDSadXVp0EQZyPcCdxpHJ8rfVr8TF/2oLwdxE2gXdNnaQ:smqkCTWZvF7dd4x/fYClHVenJA
Score

10^/10

macro xlm
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Suspicious Office macro
  Office document equipped with 4.0 macros.
  macro xlm
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Modify Registry

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy