General

  • Target

    paul-176875.xls

  • Size

    374KB

  • Sample

    200402-7hwrzcdmn2

  • MD5

    610ad5a9d4137f0d0f316dfe6aa648ed

  • SHA1

    23fa7f0dea9cc43a7006c448c9a065f7b5494c35

  • SHA256

    618feda769632fad7e77dd0c8ee8674f403a34488c5b4274294d2a8e5fb12849

  • SHA512

    10fc071776d77dc34a62faa1b24307efc56eaf72e0204c905b9442479c293b490c3ecf4ec6102ca690de47f45b70480c642a143b20db2fe23ffa1996ee83f096

Score
6/10

Malware Config

Targets

    • Target

      paul-176875.xls

    Score
    6/10
    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks