General

  • Target

    263673.xls

  • Size

    89KB

  • Sample

    200629-b9r3caphe6

  • MD5

    1580e540ad5fbaca156c0f63129c22fc

  • SHA1

    f968d84ce60f50168cbc63e0cbaa3fbcc00995e0

  • SHA256

    3a12068f2e8db89de560110edc5c93a29f92fd01cc51a5f4bfb14c12a862e84b

  • SHA512

    486f9f19fc4371705e6719bc8ddfe2d4b7b0dc8514a28621f508c344ba90092a0f369ea81f341cb1234134f693e61ee85195d6caa9a6c759cbbb4acbe36cb7d2

Score
8/10

Malware Config

Targets

    • Target

      263673.xls

    • Executes dropped EXE

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks