Overview

overview

8

Static

static

8

C:\Users\u...l.dotm

windows7-x64

7

C:\Users\u...l.dotm

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    C:\Users\user\AppData\Roaming\Microsoft\Templates\Normal.dotm

  • Size

    22KB

  • Sample

    230329-p5qcbahh7w

  • MD5

    9d342602e34419e0077daefb12589f2a

  • SHA1

    019205904224c446b09574e43a5fbb0b6e06a7e4

  • SHA256

    47bd15404d446450fe162c95160352981850a67f3e75c8fb29a0935c295830c9

  • SHA512

    2c969edd7c347a323907275f460225fc440d93690001ff95b093042a64f4d7fe8c4bc71ab2f53e7676310f096d936bbd457e435fb159e5bcf543dc061dec725f

  • SSDEEP

    384:C6LZC78S04w/T0VqvWGoB1uGaVQF9p0lhS0wVTnzLizefxY4Waf:Bq8S04w/jFoaQvp0lhS0GzLwefxYq

Score
8/10
macro

Malware Config

Targets

    • Target

      C:\Users\user\AppData\Roaming\Microsoft\Templates\Normal.dotm

    • Size

      22KB

    • MD5

      9d342602e34419e0077daefb12589f2a

    • SHA1

      019205904224c446b09574e43a5fbb0b6e06a7e4

    • SHA256

      47bd15404d446450fe162c95160352981850a67f3e75c8fb29a0935c295830c9

    • SHA512

      2c969edd7c347a323907275f460225fc440d93690001ff95b093042a64f4d7fe8c4bc71ab2f53e7676310f096d936bbd457e435fb159e5bcf543dc061dec725f

    • SSDEEP

      384:C6LZC78S04w/T0VqvWGoB1uGaVQF9p0lhS0wVTnzLizefxY4Waf:Bq8S04w/jFoaQvp0lhS0GzLwefxYq

    Score
    7/10

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks