Overview

overview

8

Static

static

8

afca98fe65...66.doc

windows7-x64

6

afca98fe65...66.doc

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    afca98fe65e9ce7940c33624de2098ea237f8bffd084208ae02335658cd46e66

  • Size

    39KB

  • Sample

    240725-z51hdsvgjq

  • MD5

    26058f8d3ffaa138601695708f095078

  • SHA1

    72a6b99c6ff1f5c111d1599b56023ae4afe62fcc

  • SHA256

    afca98fe65e9ce7940c33624de2098ea237f8bffd084208ae02335658cd46e66

  • SHA512

    96c4d4d360aca2630039535d2af33e8b0ccee838e609c69696dea9af96181a2f3abe7474fa4ccd9193fd5d8f0c12d355df37b1b7c59c3f7ae43203079360e988

  • SSDEEP

    384:lOBciSJPw+QD125IHspp50j1y0EY3L2jt:lC+k+5gy5Y3S

Score
8/10
discoverymacromacro_on_action

Malware Config

Targets

    • Target

      afca98fe65e9ce7940c33624de2098ea237f8bffd084208ae02335658cd46e66

    • Size

      39KB

    • MD5

      26058f8d3ffaa138601695708f095078

    • SHA1

      72a6b99c6ff1f5c111d1599b56023ae4afe62fcc

    • SHA256

      afca98fe65e9ce7940c33624de2098ea237f8bffd084208ae02335658cd46e66

    • SHA512

      96c4d4d360aca2630039535d2af33e8b0ccee838e609c69696dea9af96181a2f3abe7474fa4ccd9193fd5d8f0c12d355df37b1b7c59c3f7ae43203079360e988

    • SSDEEP

      384:lOBciSJPw+QD125IHspp50j1y0EY3L2jt:lC+k+5gy5Y3S

    Score
    6/10
    discovery

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks