58c0ea4a770bf33a1d3f359370e9fb7e4542d612f920bd6fd97570f16b7ab30d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ee4f9d3e300160baa41695bd597a238.xls
Size

177KB
Sample

240109-wyt59afcek
MD5

4ee4f9d3e300160baa41695bd597a238
SHA1

4e81eef7bc19d10207b030c65cd7063c5666103e
SHA256

58c0ea4a770bf33a1d3f359370e9fb7e4542d612f920bd6fd97570f16b7ab30d
SHA512

5704cbcd80c2dc35850659bd0e061243ffab0cf3a0d1e8b33e6e1aea26b421d2ac952052d8ff9f1487a92aeb8d7eb35f98cec1f502c6c62af02a7e069c6d2f91
SSDEEP

3072:b1mXOps/m+vksm2hvUPqFPI4ukoRWGNwzncGAuBrNhBJDBuAWVbrzF7ITkDXbEbR:hmXOps/m+vksm2hvUPqFPI4ukoRWGNwp

Score

10^/10

macro xlm

Malware Config

Targets

- Target
  
  4ee4f9d3e300160baa41695bd597a238.xls
- Size
  
  177KB
- MD5
  
  4ee4f9d3e300160baa41695bd597a238
- SHA1
  
  4e81eef7bc19d10207b030c65cd7063c5666103e
- SHA256
  
  58c0ea4a770bf33a1d3f359370e9fb7e4542d612f920bd6fd97570f16b7ab30d
- SHA512
  
  5704cbcd80c2dc35850659bd0e061243ffab0cf3a0d1e8b33e6e1aea26b421d2ac952052d8ff9f1487a92aeb8d7eb35f98cec1f502c6c62af02a7e069c6d2f91
- SSDEEP
  
  3072:b1mXOps/m+vksm2hvUPqFPI4ukoRWGNwzncGAuBrNhBJDBuAWVbrzF7ITkDXbEbR:hmXOps/m+vksm2hvUPqFPI4ukoRWGNwp
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2