Overview

overview

10

Static

static

8

45bb259b80...0.xlsm

windows7-x64

10

45bb259b80...0.xlsm

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    45bb259b802018405b9c4653fce91c10

  • Size

    42KB

  • Sample

    230308-hzmwnsea8v

  • MD5

    45bb259b802018405b9c4653fce91c10

  • SHA1

    475f19d361eab6294801aad64473949d48df0fa7

  • SHA256

    e4e6b059ae8c9377f5c6e14097190af31ead39770953bb646fbc95d81dc154f2

  • SHA512

    7600b8a1f36ca52484778ef6ad6fa53290190f80190353abf320f724f3cd192ad030844850a73a011d8d07729b4ab1af1cb3ba0297d229e04351ad045466ba23

  • SSDEEP

    768:QBqsyG6GAZwFs6gPdK0s2Rsq5V5SGzzh43IYtTKv/Nu4D3NsNv/B:QMLvZr6AE2egV5SGeVc/NbdsN/B

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      45bb259b802018405b9c4653fce91c10

    • Size

      42KB

    • MD5

      45bb259b802018405b9c4653fce91c10

    • SHA1

      475f19d361eab6294801aad64473949d48df0fa7

    • SHA256

      e4e6b059ae8c9377f5c6e14097190af31ead39770953bb646fbc95d81dc154f2

    • SHA512

      7600b8a1f36ca52484778ef6ad6fa53290190f80190353abf320f724f3cd192ad030844850a73a011d8d07729b4ab1af1cb3ba0297d229e04351ad045466ba23

    • SSDEEP

      768:QBqsyG6GAZwFs6gPdK0s2Rsq5V5SGzzh43IYtTKv/Nu4D3NsNv/B:QMLvZr6AE2egV5SGeVc/NbdsN/B

    Score
    10/10
    macroxlm

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Suspicious Office macro

      Office document equipped with 4.0 macros.

      macroxlm

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks