ce4298647b014560cc454b87587301f11ffe7478170e7de2af59705ddf87ecc6 | Triage

Resubmissions

22-01-2025 13:59

250122-ravdwszjf1 10

19-10-2022 13:16

221019-qhs1cshch4 10

Sharing

General

Target

Payslips - Week Ending 19 October 2022.xlsm
Size

42KB
Sample

250122-ravdwszjf1
MD5

4cdbf369aea35107af766f0c4a928dc2
SHA1

657b4e5c370ace1326b311d251d77bb3dec8a64b
SHA256

ce4298647b014560cc454b87587301f11ffe7478170e7de2af59705ddf87ecc6
SHA512

54407c6c226d4eba55a0afea35456224a1a9da8742c668810f0e29b112e4364ca7bff1df22257fcf21a9820a1e6e19104cf330c92e5fa5183c26340a8490c912
SSDEEP

768:gvDsavqssnHOBIJYfTH+niSpyvDHrdv+nWxFFiKk/f+qtmUEURC+nQHwSrH:gvLvqTHOG1BaTrdv+KFFi3/Gq09UHQHH

Score

10^/10

Malware Config

Targets

- Target
  
  Payslips - Week Ending 19 October 2022.xlsm
- Size
  
  42KB
- MD5
  
  4cdbf369aea35107af766f0c4a928dc2
- SHA1
  
  657b4e5c370ace1326b311d251d77bb3dec8a64b
- SHA256
  
  ce4298647b014560cc454b87587301f11ffe7478170e7de2af59705ddf87ecc6
- SHA512
  
  54407c6c226d4eba55a0afea35456224a1a9da8742c668810f0e29b112e4364ca7bff1df22257fcf21a9820a1e6e19104cf330c92e5fa5183c26340a8490c912
- SSDEEP
  
  768:gvDsavqssnHOBIJYfTH+niSpyvDHrdv+nWxFFiKk/f+qtmUEURC+nQHwSrH:gvLvqTHOG1BaTrdv+KFFi3/Gq09UHQHH
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1