769d037a66e09be8694594934854b0ad1e919f857fa3ec2287d81b2d028f19c5

Analysis

max time kernel
0s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
08/01/2024, 08:07

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4ae5b044c6605c5258cc266ce6358480.xlsm
Size

328KB
MD5

4ae5b044c6605c5258cc266ce6358480
SHA1

457dd350128403c4de062b870e0ede61448b45f1
SHA256

769d037a66e09be8694594934854b0ad1e919f857fa3ec2287d81b2d028f19c5
SHA512

ce75a8001dad1fd75a8850afa32de55a8a0f1d64ab98b133944d5dc74769523502f4a9c171dcf1621f6adca8d0c85d910d4657efa93161d12d1819e73f08d705
SSDEEP

6144:QN9HMInvpPbR/5L4YvQ6bgcsEEmi+efMi0oGMKpjYmMU0pKdm:QN9tRbtp4Wl8cnEQeNGhtYvU0p6m

Score

10^/10

Malware Config

Signatures

Process spawned unexpected child process 1 IoCs

This typically indicates the parent process was compromised via an exploit or macro.

description	pid	pid_target	Process	procid_target
Parent C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE is not expected to spawn this process	3212	4612	mshta.exe	14

C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\4ae5b044c6605c5258cc266ce6358480.xlsm"
1⤵
PID:4612
- C:\Windows\SYSTEM32\mshta.exe
  mshta C:\ProgramData\aCccbJ.sct
  2⤵
  - Process spawned unexpected child process
  PID:3212

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4612-3-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-7-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-9-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-11-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-15-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-18-0x00007FFE9A4D0000-0x00007FFE9A4E0000-memory.dmp

Filesize
64KB

Download
memory/4612-20-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-22-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-21-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-19-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-17-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-16-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-14-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-13-0x00007FFE9A4D0000-0x00007FFE9A4E0000-memory.dmp

Filesize
64KB

Download
memory/4612-12-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-10-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-8-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-6-0x00007FFE9C530000-0x00007FFE9C540000-memory.dmp

Filesize
64KB

Download
memory/4612-5-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-4-0x00007FFE9C530000-0x00007FFE9C540000-memory.dmp

Filesize
64KB

Download
memory/4612-2-0x00007FFE9C530000-0x00007FFE9C540000-memory.dmp

Filesize
64KB

Download
memory/4612-1-0x00007FFE9C530000-0x00007FFE9C540000-memory.dmp

Filesize
64KB

Download
memory/4612-0-0x00007FFE9C530000-0x00007FFE9C540000-memory.dmp

Filesize
64KB

Download
memory/4612-47-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-64-0x00007FFE9C530000-0x00007FFE9C540000-memory.dmp

Filesize
64KB

Download
memory/4612-67-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-68-0x00007FFEDC4B0000-0x00007FFEDC6A5000-memory.dmp

Filesize
2.0MB

Download
memory/4612-66-0x00007FFE9C530000-0x00007FFE9C540000-memory.dmp

Filesize
64KB

Download
memory/4612-65-0x00007FFE9C530000-0x00007FFE9C540000-memory.dmp

Filesize
64KB

Download
memory/4612-63-0x00007FFE9C530000-0x00007FFE9C540000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads