Overview

overview

8

Static

static

8

fec28121fd...65.xls

windows7-x64

1

fec28121fd...65.xls

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fec28121fd1ae37697d4b31e8bd18e12aef1e56ae45ac76bbf3053214ce7fe65

  • Size

    111KB

  • Sample

    240419-cktg1seh6v

  • MD5

    e17ae5893c6418fc94612a354afe42f5

  • SHA1

    1fbb64e1c709347a89f9b07e3f8836edadd60411

  • SHA256

    fec28121fd1ae37697d4b31e8bd18e12aef1e56ae45ac76bbf3053214ce7fe65

  • SHA512

    63603f89e80a535cd7443e59fa2272bf2b1b8d6df25ee2c5e4b0c6552fb28684010fee5eba00ad525d4e9a041dd40f95b58b5c77e09b3ee213b76ffdb2bf42b0

  • SSDEEP

    3072:pXk3hbdlylKsgwyzcTbWhZFGkE+cLgLx0dncEdYmK189n/ctJTLXN66:hk3hbdlylKsgwyzcTbWhZFVE+WgLx0dY

Score
8/10
macromacro_on_action

Malware Config

Targets

    • Target

      fec28121fd1ae37697d4b31e8bd18e12aef1e56ae45ac76bbf3053214ce7fe65

    • Size

      111KB

    • MD5

      e17ae5893c6418fc94612a354afe42f5

    • SHA1

      1fbb64e1c709347a89f9b07e3f8836edadd60411

    • SHA256

      fec28121fd1ae37697d4b31e8bd18e12aef1e56ae45ac76bbf3053214ce7fe65

    • SHA512

      63603f89e80a535cd7443e59fa2272bf2b1b8d6df25ee2c5e4b0c6552fb28684010fee5eba00ad525d4e9a041dd40f95b58b5c77e09b3ee213b76ffdb2bf42b0

    • SSDEEP

      3072:pXk3hbdlylKsgwyzcTbWhZFGkE+cLgLx0dncEdYmK189n/ctJTLXN66:hk3hbdlylKsgwyzcTbWhZFVE+WgLx0dY

    Score
    6/10

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks