General

  • Target

    document-1502812177.xls

  • Size

    331KB

  • Sample

    201126-8reqjpf54n

  • MD5

    3fe1a7ebb1d2f45ca2832f3be1e9742a

  • SHA1

    a8febe2ab12238f693f0c4323b23e853fd5cf001

  • SHA256

    af653cf24e72f8b17eb0faa331ce540ed7cc4c602dfd73380e7f63493d6b2158

  • SHA512

    3386aab35156754f86bce68096ecf25947f077aec7f72974a1edccf3486ed22908c4daa0c74874deeee673bb78a6db65aa4985b5277e5693f38a1f3df23fb480

Score
10/10

Malware Config

Targets

    • Target

      document-1502812177.xls

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • T1112 Modify Registry (1)

Discovery

  • T1012 Query Registry (2)

  • T1082 System Information Discovery (2)
