Overview

overview

10

Static

static

8

agreement-84.xls

windows7_x64

10

agreement-84.xls

windows10_x64

1

Resubmissions

02-02-2021 17:05

210202-x4ffykjpzn 10

01-02-2021 15:18

210201-6pjhlsllq2 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    agreement-84.xls

  • Size

    125KB

  • Sample

    210202-x4ffykjpzn

  • MD5

    cf489853a42fb7520f19242a8921775d

  • SHA1

    734e56466b525e822436b61f13a76eda051ea15a

  • SHA256

    0e094197fca1947eb189006ddeb7d6ad9e5d1f58229e929bc0359887ed8a667d

  • SHA512

    6f0cd4126162830b6739509abd3762507c2f300c87414775a094076e624d1f5b6e113b48aa342f238f25bc0d39208959bd134e462d2215d69224832df9a23c62

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://eyeqoptical.ca/ds/3101.gif

Targets

    • Target

      agreement-84.xls

    • Size

      125KB

    • MD5

      cf489853a42fb7520f19242a8921775d

    • SHA1

      734e56466b525e822436b61f13a76eda051ea15a

    • SHA256

      0e094197fca1947eb189006ddeb7d6ad9e5d1f58229e929bc0359887ed8a667d

    • SHA512

      6f0cd4126162830b6739509abd3762507c2f300c87414775a094076e624d1f5b6e113b48aa342f238f25bc0d39208959bd134e462d2215d69224832df9a23c62

    Score
    10/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks