9a53dcaa860e2aa0306a8e359f3e088b21c33aa95bd8efece29b2b8c81094c41 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

floridajob...p.xlsm

windows7-x64

6

floridajob...p.xlsm

windows10-2004-x64

1

Sharing

General

Target

floridajobs.org_docs_default-source_2015-state-program-reports_py-2014-2015-employer-retention-and-penetration_june2015-(002).xlsm_sfvrsn=168b6bb0_0.xls
Size

90KB
Sample

230402-2qapjaba93
MD5

eadd419cb567723cf908e15b3161e7fa
SHA1

5b26dea713182b534e17f335d322ab8379a008de
SHA256

9a53dcaa860e2aa0306a8e359f3e088b21c33aa95bd8efece29b2b8c81094c41
SHA512

b3bcadf32d74cbbff26192b098ef747e423a0c6b0c74d3a08d935795e3d24a97943c874fa9638e1c89e7c2b4cd9a4bb740f37ce141ab6175836981cd4a4f944a
SSDEEP

1536:MrXJE8w41bFoExL/toUOuSyR0iVpUAumZiaTQf8rTXpgXt9BCHGF2892bXb:MrJE8hbxlBSyG2+JmsA2d39s8YbXb

Score

8^/10

macro

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

floridajobs.org_docs_default-source_2015-state-program-reports_py-2014-2015-employer-retention-and-p.xlsm

Resource

win7-20230220-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

floridajobs.org_docs_default-source_2015-state-program-reports_py-2014-2015-employer-retention-and-p.xlsm

Resource

win10v2004-20230221-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  floridajobs.org_docs_default-source_2015-state-program-reports_py-2014-2015-employer-retention-and-penetration_june2015-(002).xlsm_sfvrsn=168b6bb0_0.xls
- Size
  
  90KB
- MD5
  
  eadd419cb567723cf908e15b3161e7fa
- SHA1
  
  5b26dea713182b534e17f335d322ab8379a008de
- SHA256
  
  9a53dcaa860e2aa0306a8e359f3e088b21c33aa95bd8efece29b2b8c81094c41
- SHA512
  
  b3bcadf32d74cbbff26192b098ef747e423a0c6b0c74d3a08d935795e3d24a97943c874fa9638e1c89e7c2b4cd9a4bb740f37ce141ab6175836981cd4a4f944a
- SSDEEP
  
  1536:MrXJE8w41bFoExL/toUOuSyR0iVpUAumZiaTQf8rTXpgXt9BCHGF2892bXb:MrJE8hbxlBSyG2+JmsA2d39s8YbXb
Score

6^/10
- Process spawned suspicious child process
  This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy