General

  • Target

    0ea829e861af6ba3afbcf31450deb636628449ce8717b4d47ab0c3483057d8d4.xls

  • Size

    143KB

  • Sample

    210223-bnzrj4gq1j

  • MD5

    9ef64c4b47c8906347e64700af4f07a1

  • SHA1

    5511e72c0fb7a98d0b070375d84fd77901e9f27e

  • SHA256

    0ea829e861af6ba3afbcf31450deb636628449ce8717b4d47ab0c3483057d8d4

  • SHA512

    d2ce0b6170f8b82b077bae474aaf490a0b014acc2538622565853ec078c2426d60982750c62506476698cd3540cc158a37cafffcba3f648ea866c72c61c67cae

Score
10/10

Malware Config

Extracted

Language: xlm4.0

Source          URLs
xlm40.dropper   http://dindorf.com.ar/ntpnttfypqs/44250781300347200000.dat
xlm40.dropper   http://7ruzezendegi.com/samsgtlfwzt/44250781300347200000.dat
xlm40.dropper   http://miaovideo.com/wwdtfgdlijlr/44250781300347200000.dat
xlm40.dropper   http://batikentklinik.com/qtuofsxtov/44250781300347200000.dat
xlm40.dropper   http://chandni.pk/ictrljsfuh/44250781300347200000.dat
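
All five dropper URLs fetch the same file name from five unrelated hosts, which is how this kind of XLM 4.0 dropper keeps working when one compromised site is cleaned up. The script below is an added example, not part of the sandbox report: it turns the extracted URLs into three indicator tiers (exact URL, host, payload file name) and runs a constructed proxy log against them. The log lines, the client addresses and the example.org host are assumptions made up for the demonstration; only the five URLs come from the config above.

```python
"""Build blocklist indicators from the xlm40.dropper URLs extracted above and
match proxy-log requests against them. Added example; the proxy log is
constructed, not traffic from the sandbox run."""
from typing import Dict, List, Optional, Set, Tuple
from urllib.parse import urlsplit

# The five payload URLs from the extracted config.
DROPPER_URLS = [
    "http://dindorf.com.ar/ntpnttfypqs/44250781300347200000.dat",
    "http://7ruzezendegi.com/samsgtlfwzt/44250781300347200000.dat",
    "http://miaovideo.com/wwdtfgdlijlr/44250781300347200000.dat",
    "http://batikentklinik.com/qtuofsxtov/44250781300347200000.dat",
    "http://chandni.pk/ictrljsfuh/44250781300347200000.dat",
]

# Constructed proxy log, one request per line: "<client> <method> <url> <status>".
# The second line carries a wrapped URL with a space in it, the kind of damage
# an indicator picks up when it is copied out of a report.
SAMPLE_PROXY_LOG = """\
10.0.0.5 GET http://dindorf.com.ar/ntpnttfypqs/44250781300347200000.dat 200
10.0.0.5 GET http://MIAOVIDEO.com/wwdtfgdlijlr/ 44250781300347200000.dat 404
10.0.0.7 GET http://chandni.pk/ 200
10.0.0.9 GET http://example.org/updates/44250781300347200000.dat 200
10.0.0.9 GET http://example.org/index.html 200
"""


def normalize_url(url: str) -> str:
    """Remove all whitespace (never valid inside a URL) and lower-case the
    scheme and host so matching is not defeated by case or line wrapping.
    Only scheme, host and path are kept; query strings are ignored."""
    url = "".join(url.split())
    p = urlsplit(url)
    return f"{p.scheme.lower()}://{p.netloc.lower()}{p.path}"


def build_iocs(urls: List[str]) -> Dict[str, Set[str]]:
    """Three indicator tiers: exact URLs, hosts, and payload file names.
    Every URL in this config ends in the same file name, so that tier is the
    one that keeps matching if the payload moves to a host not yet seen."""
    norm = [normalize_url(u) for u in urls]
    return {
        "urls": set(norm),
        "hosts": {urlsplit(u).hostname for u in norm},
        "filenames": {urlsplit(u).path.rsplit("/", 1)[-1] for u in norm},
    }


def classify(url: str, iocs: Dict[str, Set[str]]) -> Optional[str]:
    """Strongest tier a URL matches: 'url', 'host', 'filename', or None."""
    u = normalize_url(url)
    p = urlsplit(u)
    if u in iocs["urls"]:
        return "url"
    if p.hostname in iocs["hosts"]:
        return "host"
    if p.path.rsplit("/", 1)[-1] in iocs["filenames"]:
        return "filename"
    return None


def scan_proxy_log(log_text: str, iocs: Dict[str, Set[str]]) -> List[Tuple[str, str, str]]:
    """Return (client, normalized_url, tier) for every request that matches.
    The URL is everything between the method and the trailing status code,
    so a URL split by a stray space is reassembled before matching."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        client, url = fields[0], "".join(fields[2:-1])
        tier = classify(url, iocs)
        if tier:
            hits.append((client, normalize_url(url), tier))
    return hits


if __name__ == "__main__":
    iocs = build_iocs(DROPPER_URLS)
    for client, url, tier in scan_proxy_log(SAMPLE_PROXY_LOG, iocs):
        print(f"{tier:8} {client} {url}")
```

The tiers are deliberately ordered from most to least specific: a bare hit on chandni.pk only says the client touched a compromised site, while a request for 44250781300347200000.dat from a host that is not in the config is the signal worth chasing, because it suggests the same dropper with an updated host list.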

Targets

    • Target

      0ea829e861af6ba3afbcf31450deb636628449ce8717b4d47ab0c3483057d8d4.xls


    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro. For an .xls carrying an Excel 4.0 (XLM) macro, as the extracted config shows, the parent is the Excel instance that opened the sample; Excel does not start other executables in the course of ordinary spreadsheet work, so a child process here is the macro acting, not the user.
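
The signature above is the kind of behaviour a process-creation rule catches without knowing the payload in advance. The block below is an added example, not the sandbox's own rule: it flags any process whose parent is an Office application and whose image is not on a short allowlist. The allowlist (splwow64.exe, the print helper Office starts when printing), the Sysmon-style event records and the child process names in them are assumptions made up for the example; the report does not name the child this sample launched. The rule also watches Word and PowerPoint, since the same logic applies to their macro engines.

```python
"""Detect the behaviour behind the 'unexpected child process' signature:
an Office process starting a child it has no reason to start.
Added example; allowlist and events are assumptions, not data from the report."""
import ntpath
from typing import Dict, List

# Office parents to watch. The report concerns Excel; Word and PowerPoint are
# included because their macro engines produce the same telemetry.
OFFICE_PARENTS = {"excel.exe", "winword.exe", "powerpnt.exe"}

# ASSUMPTION for the example: children an Office process may legitimately
# spawn on a workstation. splwow64.exe is the print helper Office launches
# when printing. Tune this to what you actually observe in your environment.
ALLOWED_CHILDREN = {"splwow64.exe"}

# Constructed Sysmon Event ID 1 style records (not from the report; the
# report does not say which child process this sample started).
SAMPLE_EVENTS: List[Dict[str, str]] = [
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "Image": r"C:\Windows\splwow64.exe",
     "CommandLine": "splwow64.exe 12288"},
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": 'cmd.exe /c "echo constructed"'},
    {"ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe"},
]


def _basename(path: str) -> str:
    """Lower-cased file name of a Windows path, e.g. 'EXCEL.EXE' -> 'excel.exe'.
    ntpath handles backslashes regardless of the platform the rule runs on."""
    return ntpath.basename(path).lower()


def is_unexpected_office_child(event: Dict[str, str]) -> bool:
    """True when ParentImage is an Office app and Image is not allowlisted."""
    parent = _basename(event.get("ParentImage", ""))
    child = _basename(event.get("Image", ""))
    return parent in OFFICE_PARENTS and child not in ALLOWED_CHILDREN


def detect(events: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """One alert per suspicious process-creation event, carrying the
    fields an analyst needs to triage it."""
    alerts = []
    for ev in events:
        if is_unexpected_office_child(ev):
            alerts.append({
                "parent": _basename(ev["ParentImage"]),
                "child": _basename(ev["Image"]),
                "command_line": ev.get("CommandLine", ""),
                "signature": "Process spawned unexpected child process",
            })
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(f"{alert['parent']} -> {alert['child']}: {alert['command_line']}")
```

Matching on the parent's file name rather than its full path keeps the rule working across Office versions and install locations; the trade-off is that a renamed binary would evade it, which is why this belongs beside, not instead of, the sandbox verdict.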

MITRE ATT&CK Matrix (ATT&CK v6)

Tactic             Technique                       ID       Count
Defense Evasion    Modify Registry                 T1112    1
Discovery          Query Registry                  T1012    2
Discovery          System Information Discovery    T1082    2
