Overview

overview

10

Static

static

8

c375ca5ba4...b6.xls

windows7-x64

10

c375ca5ba4...b6.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c375ca5ba420b9cf96ab566fd276b4b6

  • Size

    1.3MB

  • Sample

    230314-kvck9aee64

  • MD5

    c375ca5ba420b9cf96ab566fd276b4b6

  • SHA1

    7759a1370a5eca8d9edda523c32d9c7f90883258

  • SHA256

    825df25db4e5ed8af1ea2841ad2942b201777dd570e036c2da3b8dce083da198

  • SHA512

    b686b93af6fd373f8475a960948c2aaff329e2e93b7ac6844394d0d0bc8fe3b4fad182ec4180a36b1560c1e54b709e7e0ef6fc93f0769d9e84d7336b947bb86e

  • SSDEEP

    24576:Q5o76oMMouIqjwUalD6crmnwu9RG/VFRj1Kn1abTdGchqecFcJgORqoX:MMbIqjtawvwu9RGdrjQn1afMcYMbqoX

Score
10/10
macro

Malware Config

Targets

    • Target

      c375ca5ba420b9cf96ab566fd276b4b6

    • Size

      1.3MB

    • MD5

      c375ca5ba420b9cf96ab566fd276b4b6

    • SHA1

      7759a1370a5eca8d9edda523c32d9c7f90883258

    • SHA256

      825df25db4e5ed8af1ea2841ad2942b201777dd570e036c2da3b8dce083da198

    • SHA512

      b686b93af6fd373f8475a960948c2aaff329e2e93b7ac6844394d0d0bc8fe3b4fad182ec4180a36b1560c1e54b709e7e0ef6fc93f0769d9e84d7336b947bb86e

    • SSDEEP

      24576:Q5o76oMMouIqjwUalD6crmnwu9RG/VFRj1Kn1abTdGchqecFcJgORqoX:MMbIqjtawvwu9RGdrjQn1afMcYMbqoX

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks