Overview

overview

10

Static

static

8

a9e62e71d0...cb.xls

windows7-x64

10

a9e62e71d0...cb.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a9e62e71d0287e567553dac6a64865cb

  • Size

    1.3MB

  • Sample

    230314-kvncrage7x

  • MD5

    a9e62e71d0287e567553dac6a64865cb

  • SHA1

    34a7e4f3bdfcbb7581c2659d7e94ddefc86b4485

  • SHA256

    16523cbebb016334a8f0b023553dce2efb1df166a485eec09c9f837e4e3332cb

  • SHA512

    947333705422acf48d43866c3b5df1e48aa8ff0f53e4b0604a26f459c7e7ad85f10f03d781ae2d2ccaa6cbc80137f65091f3a28e6a7fd8de600ce6ad99b11b8d

  • SSDEEP

    24576:i5of6rMMouUqHwU/FD6cjmnwKgRGsRFRj1v/4CbUdWchqeg0cNgORgu:ZMbUqHt/QvwKgRGCrjR/4CQMcYPHgu

Score
10/10
macro

Malware Config

Targets

    • Target

      a9e62e71d0287e567553dac6a64865cb

    • Size

      1.3MB

    • MD5

      a9e62e71d0287e567553dac6a64865cb

    • SHA1

      34a7e4f3bdfcbb7581c2659d7e94ddefc86b4485

    • SHA256

      16523cbebb016334a8f0b023553dce2efb1df166a485eec09c9f837e4e3332cb

    • SHA512

      947333705422acf48d43866c3b5df1e48aa8ff0f53e4b0604a26f459c7e7ad85f10f03d781ae2d2ccaa6cbc80137f65091f3a28e6a7fd8de600ce6ad99b11b8d

    • SSDEEP

      24576:i5of6rMMouUqHwU/FD6cjmnwKgRGsRFRj1v/4CbUdWchqeg0cNgORgu:ZMbUqHt/QvwKgRGCrjR/4CQMcYPHgu

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks