Resubmissions

17-12-2020 18:23

201217-a919dkygg2 10

03-12-2020 14:36

201203-xg2dt64s3j 10

General

  • Target

    document-1699807874.xls

  • Size

    111KB

  • Sample

    201217-a919dkygg2

  • MD5

    dea2166519409b96205775cc95abab6e

  • SHA1

    a70da2919e3f81d3fd397435649097e296605536

  • SHA256

    52e0b5d39e9a97736b03f2b0ac315bb874da3632574cdd252fd8b9138cc1b299

  • SHA512

    28f317f53ace16c4c6ffc701fad325eebc0dc54c85477cfd9b27d1cbd809b1df128fa235b72c7db7927618adca29440a54c194f97cdb8f38bc98220200f24b1c

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://p-clone.net/ds/021220&C51

Targets

    • Target

      document-1699807874.xls

    • Size

      111KB

    • MD5

      dea2166519409b96205775cc95abab6e

    • SHA1

      a70da2919e3f81d3fd397435649097e296605536

    • SHA256

      52e0b5d39e9a97736b03f2b0ac315bb874da3632574cdd252fd8b9138cc1b299

    • SHA512

      28f317f53ace16c4c6ffc701fad325eebc0dc54c85477cfd9b27d1cbd809b1df128fa235b72c7db7927618adca29440a54c194f97cdb8f38bc98220200f24b1c

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v6

Tasks