General

  • Target

    cis-broadband invoice 08.11.22.doc

  • Size

    2.2MB

  • Sample

    220811-tgr88abee8

  • MD5

    91ca71d98c0e42e0446e9157fc83e1f2

  • SHA1

    b8b01ee5940864817c670187dfc1cb9a663c79a8

  • SHA256

    373856a75b78406d26cfbb41cbbba7041bad1e56a3304ba17376b294bc773eee

  • SHA512

    f5ca7cb3645558bd8e390d34721ce9abfd93912c56a9470e7f2e5ebab52bcdf82c5740e90e3d0f8d0710fdc313cd9570e3fee05f897d1883af04df2773740717

Score
10/10

Malware Config

Targets

    • Target

      cis-broadband invoice 08.11.22.doc

    • Size

      2.2MB

    Score
    10/10
    • Process spawned unexpected child process

      A process launched a child process that is not part of its normal behaviour. For a document target such as this .doc, this typically indicates the parent process (the application that opened the document) was compromised via an exploit or a malicious macro.
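The kind of check behind that signature, written here as an added example rather than the sandbox's own detection logic: flag any process-creation event whose parent is a document handler and whose child is not on a short allow-list. The parent and child name lists and the sample events are constructed assumptions for illustration; the report itself does not name the child process that was observed.

```python
"""Flag unexpected child processes of document-handling applications.

Added example, not the sandbox's own signature logic. The parent/child
lists and the sample events are assumptions constructed for illustration;
map the fields to whatever process-creation telemetry you collect
(e.g. Sysmon Event ID 1 or Windows Security 4688).
"""
from dataclasses import dataclass

# Document handlers whose children deserve scrutiny (assumption).
DOCUMENT_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "acrord32.exe"}

# Children such parents legitimately spawn in normal use (assumption; keep
# this list short and explicit so that anything else is flagged).
EXPECTED_CHILDREN = {"splwow64.exe", "msosync.exe", "protocolhandler.exe"}


@dataclass(frozen=True)
class ProcessEvent:
    pid: int
    image: str          # full path of the new process
    command_line: str
    parent_image: str   # full path of the parent process


def _basename(path: str) -> str:
    """Lower-cased file name of a Windows or POSIX style path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def is_unexpected_child(event: ProcessEvent) -> bool:
    """True when a document handler spawns a child it would not normally create."""
    parent = _basename(event.parent_image)
    child = _basename(event.image)
    return parent in DOCUMENT_PARENTS and child not in EXPECTED_CHILDREN


def find_unexpected_children(events):
    """Return (parent, child, command_line) for every event that trips the rule."""
    return [(_basename(e.parent_image), _basename(e.image), e.command_line)
            for e in events if is_unexpected_child(e)]


# Constructed sample telemetry (not taken from the report): a benign Word
# child, a macro-style cmd.exe launch from Word, and a cmd.exe launched by
# an unrelated parent that must not be flagged.
SAMPLE_EVENTS = [
    ProcessEvent(4120, r"C:\Windows\splwow64.exe", "splwow64.exe 12288",
                 r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"),
    ProcessEvent(4312, r"C:\Windows\System32\cmd.exe",
                 "cmd.exe /c powershell -w hidden -c IEX(...)",
                 r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"),
    ProcessEvent(4400, r"C:\Windows\System32\cmd.exe", "cmd.exe /c dir",
                 r"C:\Windows\explorer.exe"),
]

if __name__ == "__main__":
    for parent, child, cmdline in find_unexpected_children(SAMPLE_EVENTS):
        print(f"{parent} -> {child}: {cmdline}")
```

Only the Word-to-cmd.exe event is reported; the allow-listed print helper and the explorer.exe child pass. In production the allow-list should be built from observed baseline telemetry for the specific Office build, and the command line of any hit preserved for triage, since that is where the dropped payload or download URL usually appears.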

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic           Technique                      Count  ID
  Defense Evasion  Modify Registry                1      T1112
  Discovery        Query Registry                 2      T1012
  Discovery        System Information Discovery   2      T1082

Tasks