Overview

overview

10

Static

static

1

Users/dmon...7.xlsb

windows7-x64

10

Users/dmon...7.xlsb

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    35f57690-0a70-4f43-b3af-b2c8378660c0.zip

  • Size

    1018KB

  • Sample

    230411-p85w6sce52

  • MD5

    8e72e3acf904e163eabd404cdc4c186d

  • SHA1

    300aa092b587e517f6e335de116cab0c626ba155

  • SHA256

    33b074485d534630fdbc1b8da20253747cb34aed6f8ea7ebdb48b07a21e09a94

  • SHA512

    b50907e1b4e72cabcaea21ff86163aba7eb7b12a0e7b64cd4841315e972fafd9ea32d97f43d0aca0c5ef0d250a789c3945c0d14e27f6ea6138f810bfe6976044

  • SSDEEP

    24576:kBXBZC0NtZyBG6awJtlB7uBUzR8W8ZQUg86Q5M1d3B:piZyc6awP/pzKO0DMF

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source

Targets

    • Target

      Users/dmontoya/AppData/Local/Microsoft/Windows/INetCache/Content.MSO/Copy of x350247977.xlsb

    • Size

      1.0MB

    • MD5

      36ea0c5dfca2ccc94b2bf8ce975ddaaf

    • SHA1

      b3d5ff9177de5b50701549d9c424ddcf277e7588

    • SHA256

      d6da63fc9d163b0ab9aa825caed01c4647a70acf09a44d34b0ae538d1e8256b9

    • SHA512

      6fa280f8746443b60256961cd40954177f305c87092387f256ca97b1edce482b87f3a2e3213781051a20bc6d68885faaa5521dd218ef3b8be44558f1e024a1c1

    • SSDEEP

      24576:+W0nDvQLoiA8VLFUPZg3ghgHg/gugpglg9gFgS:r0nDveor8NFyGwuAYJWyKSS

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks