General

  • Target

    08eced1f9106516cb6786bdf3306706a

  • Size

    38KB

  • Sample

    231230-a3jpesbeeq

  • MD5

    08eced1f9106516cb6786bdf3306706a

  • SHA1

    b3beb8ca7ad7e1a0919df7f38935be924d9cd012

  • SHA256

    ae69b2d4adbfdc6c1b9226120619ad6e3f00388f14273d19e659c9c09105c829

  • SHA512

    5b4635dd4f5a1739b7ec5accc96ed4cf2d87a3591994dafda791aa51437dfc9ff310ce86f701ae2e6516b8ea3b0ae9b4e5af4dc87fcea53b019a04619b57e099

  • SSDEEP

    384:TpsqrsnLzjaXgMdVCf2lLh52Tlz6DPMjyFtX0:TS0CfQdL3

Targets

    • Office macro that triggers on suspicious action

      The Office document contains a macro that triggers only in special circumstances, which is often malicious.

    • Deletes itself

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
