68fded479f0aa3ccf1ecc4c95500eb42ab491a384462ea8afbab8a003650acb8 | Triage

Sharing

General

Target

68fded479f0aa3ccf1ecc4c95500eb42ab491a384462ea8afbab8a003650acb8
Size

109KB
Sample

250316-1bx1vazxbz
MD5

bd37d42a1c299f861e875b149ba63155
SHA1

0d61bf349b86b4498ec82e8a1ed96e5bf743ffba
SHA256

68fded479f0aa3ccf1ecc4c95500eb42ab491a384462ea8afbab8a003650acb8
SHA512

709db30be0ff454c00519957138352602390c3b110e6ab8cbd505d73c3594894ea1e1072ef0c85b941b5b9cf07721a063b7349658ae310712ae34dd59d594a2a
SSDEEP

1536:2eeeeq8nw8wzQzJtV8cbsQvPe8k1SUmZ9584fsSZWVbrzQ7Iu4kQx23SKUcJtXw8:NCWVbrzQ7INk3JXJtXw8

Score

10^/10

defense_evasion discovery macro xlm

Malware Config

Targets

- Target
  
  68fded479f0aa3ccf1ecc4c95500eb42ab491a384462ea8afbab8a003650acb8
- Size
  
  109KB
- MD5
  
  bd37d42a1c299f861e875b149ba63155
- SHA1
  
  0d61bf349b86b4498ec82e8a1ed96e5bf743ffba
- SHA256
  
  68fded479f0aa3ccf1ecc4c95500eb42ab491a384462ea8afbab8a003650acb8
- SHA512
  
  709db30be0ff454c00519957138352602390c3b110e6ab8cbd505d73c3594894ea1e1072ef0c85b941b5b9cf07721a063b7349658ae310712ae34dd59d594a2a
- SSDEEP
  
  1536:2eeeeq8nw8wzQzJtV8cbsQvPe8k1SUmZ9584fsSZWVbrzQ7Iu4kQx23SKUcJtXw8:NCWVbrzQ7INk3JXJtXw8
Score

10^/10

defense_evasion discovery macro xlm
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Suspicious Office macro
  Office document equipped with 4.0 macros.
  macro xlm
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasionmacroxlm