c71bd3833fbb10cd2f845c83a6ed957f3243990de48a74b4d5cf1602303f4bb1 | Triage

Submit
Reports

Overview

overview

Static

static

8

SecuriteIn...39.xls

windows7_x64

SecuriteIn...39.xls

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Heur.15528.14839
Size

91KB
Sample

210222-1rhcm1p6ke
MD5

5a75c6184001a6b8785206f1e2121290
SHA1

b3ec9fbcc5e96c45e74d503210a51a7ee5ce8132
SHA256

c71bd3833fbb10cd2f845c83a6ed957f3243990de48a74b4d5cf1602303f4bb1
SHA512

d1d29f02ae53f7fe04ebab4e628d0e30f0f9f4c1bbe58ef3eed9bc3f44d0b2af4b8df2b81fbcd75ba083f77c52a7827cbb6b089382f3d8c9d6aae12bf8cf2760

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Heur.15528.14839.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Heur.15528.14839.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://pg.happyslot88.cc/ds/2202.gif

Targets

- Target
  
  SecuriteInfo.com.Heur.15528.14839
- Size
  
  91KB
- MD5
  
  5a75c6184001a6b8785206f1e2121290
- SHA1
  
  b3ec9fbcc5e96c45e74d503210a51a7ee5ce8132
- SHA256
  
  c71bd3833fbb10cd2f845c83a6ed957f3243990de48a74b4d5cf1602303f4bb1
- SHA512
  
  d1d29f02ae53f7fe04ebab4e628d0e30f0f9f4c1bbe58ef3eed9bc3f44d0b2af4b8df2b81fbcd75ba083f77c52a7827cbb6b089382f3d8c9d6aae12bf8cf2760
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy