Overview

overview

10

Static

static

1

WlRE REMIT...T.xlsx

windows7-x64

1

WlRE REMIT...T.xlsx

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    WlRE REMITTANCE DOCUMENT.xlsx

  • Size

    322KB

  • Sample

    230711-p9f97sab8w

  • MD5

    e464b0b1510f9b815ce650effd332b8c

  • SHA1

    c053fd168e0024b718a71892187c13556889b8ac

  • SHA256

    d4f147b8c2eca3fd37cee1d9fdf33e49810ec7a65839c3bcaa2561a10700f16f

  • SHA512

    7877f3043f711cfaeb09de26706dfe377cae81f2556a40514aa31629275721d3c31aa6ebaacff0aa6114e941f25523c741155c30e1a43de9788c6f0e28dd76cd

  • SSDEEP

    6144:xwihBwhnUiCDVK0V5AEB30+pZLLJQ37Xro6WXCZkSpGfiylngHtnmp7a023vnM:xcVv4KsBk+pZLLEbZNpGfCHtD023vnM

Score
10/10

Malware Config

Targets

    • Target

      WlRE REMITTANCE DOCUMENT.xlsx

    • Size

      322KB

    • MD5

      e464b0b1510f9b815ce650effd332b8c

    • SHA1

      c053fd168e0024b718a71892187c13556889b8ac

    • SHA256

      d4f147b8c2eca3fd37cee1d9fdf33e49810ec7a65839c3bcaa2561a10700f16f

    • SHA512

      7877f3043f711cfaeb09de26706dfe377cae81f2556a40514aa31629275721d3c31aa6ebaacff0aa6114e941f25523c741155c30e1a43de9788c6f0e28dd76cd

    • SSDEEP

      6144:xwihBwhnUiCDVK0V5AEB30+pZLLJQ37Xro6WXCZkSpGfiylngHtnmp7a023vnM:xcVv4KsBk+pZLLEbZNpGfCHtD023vnM

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks