c088cec165636c5c1c29996697cb663baf8ee3c937967ec9b0bf42439bf5b3f8 | Triage

Submit
Reports

Overview

overview

Static

static

8

210e71404a...0f.xls

windows7-x64

210e71404a...0f.xls

windows10-2004-x64

Sharing

General

Target

210e71404a32af2f3bcd047e71fff70f
Size

290KB
Sample

230221-vnn1taff39
MD5

210e71404a32af2f3bcd047e71fff70f
SHA1

42651b2ccfec5464ba17a90b346a9e8c9a1cc75e
SHA256

c088cec165636c5c1c29996697cb663baf8ee3c937967ec9b0bf42439bf5b3f8
SHA512

8ef7d76aab51526ef96dc6a541251fe5a68c80b517f116bce89a465881bade97f83365c54cc29ccb29eaf71778313fb573e5229cd6da18bbaac5e7c2110706e1
SSDEEP

3072:M/YqBwVA9lwRB1tqvvDSadXnp0EQZyPECdxpHJ8rfVNDTF/2oLwdxE7gXdNnaWCr:YYqBwVADX371d4LofDClHRenJB

Score

10^/10

macro xlm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

210e71404a32af2f3bcd047e71fff70f.xls

Resource

win7-20230220-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

210e71404a32af2f3bcd047e71fff70f.xls

Resource

win10v2004-20230220-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  210e71404a32af2f3bcd047e71fff70f
- Size
  
  290KB
- MD5
  
  210e71404a32af2f3bcd047e71fff70f
- SHA1
  
  42651b2ccfec5464ba17a90b346a9e8c9a1cc75e
- SHA256
  
  c088cec165636c5c1c29996697cb663baf8ee3c937967ec9b0bf42439bf5b3f8
- SHA512
  
  8ef7d76aab51526ef96dc6a541251fe5a68c80b517f116bce89a465881bade97f83365c54cc29ccb29eaf71778313fb573e5229cd6da18bbaac5e7c2110706e1
- SSDEEP
  
  3072:M/YqBwVA9lwRB1tqvvDSadXnp0EQZyPECdxpHJ8rfVNDTF/2oLwdxE7gXdNnaWCr:YYqBwVADX371d4LofDClHRenJB
Score

10^/10

macro xlm
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Suspicious Office macro
  Office document equipped with 4.0 macros.
  macro xlm
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Modify Registry

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy