9b808789a88144a32f8fd036138403a7235c834f3b3bf5ebbcd22ac4610d32cf | Triage

Submit
Reports

Overview

overview

Static

static

8

9b808789a8...cf.doc

windows7-x64

9b808789a8...cf.doc

windows10-2004-x64

Sharing

General

Target

9b808789a88144a32f8fd036138403a7235c834f3b3bf5ebbcd22ac4610d32cf.doc
Size

2.8MB
Sample

230326-jykklafh53
MD5

3fd6aaed6aa4fd6fae42ffc02d4fe52a
SHA1

642c92a15fb9b0e9a82d15fdd52c2c92270a4eeb
SHA256

9b808789a88144a32f8fd036138403a7235c834f3b3bf5ebbcd22ac4610d32cf
SHA512

be44cf715020c3f0e0a78dcec45038b4743e3f9e0b48fc4b9c583c06f93d975e0f52a0781c4722194145528f991f338c4056dea8106ea1c45412349b24d790be
SSDEEP

3072:ic8fJkkgynfEv91qh2g4PPHy/q/4mJ9cYNxtE1CeNIyZg1HFZr:iNJkkgo264PPHNjJWSMTGyZaH7r

Score

10^/10

evasion macro macro_on_action

Static task

static1

macro macro_on_action

2 signatures

Behavioral task

behavioral1

Sample

9b808789a88144a32f8fd036138403a7235c834f3b3bf5ebbcd22ac4610d32cf.doc

Resource

win7-20230220-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

9b808789a88144a32f8fd036138403a7235c834f3b3bf5ebbcd22ac4610d32cf.doc

Resource

win10v2004-20230220-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  9b808789a88144a32f8fd036138403a7235c834f3b3bf5ebbcd22ac4610d32cf.doc
- Size
  
  2.8MB
- MD5
  
  3fd6aaed6aa4fd6fae42ffc02d4fe52a
- SHA1
  
  642c92a15fb9b0e9a82d15fdd52c2c92270a4eeb
- SHA256
  
  9b808789a88144a32f8fd036138403a7235c834f3b3bf5ebbcd22ac4610d32cf
- SHA512
  
  be44cf715020c3f0e0a78dcec45038b4743e3f9e0b48fc4b9c583c06f93d975e0f52a0781c4722194145528f991f338c4056dea8106ea1c45412349b24d790be
- SSDEEP
  
  3072:ic8fJkkgynfEv91qh2g4PPHy/q/4mJ9cYNxtE1CeNIyZg1HFZr:iNJkkgo264PPHNjJWSMTGyZaH7r
Score

10^/10

evasion
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Hidden Files and Directories

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2024

Terms | Privacy