a170378dce343e771e773c1518a27530982aad11a96b5c3c3d65ba451434fb4f | Triage

Submit
Reports

Overview

overview

Static

static

8

document-6...36.xls

windows7_x64

document-6...36.xls

windows10_x64

Sharing

General

Target

_attached_file (70).zip
Size

15KB
Sample

210225-v6pthta6ae
MD5

4c96e70b55976379573ef558200cea9f
SHA1

8628852ef9dd6ba21354dadb2883ea826b714dd2
SHA256

a170378dce343e771e773c1518a27530982aad11a96b5c3c3d65ba451434fb4f
SHA512

6a38fbb1a06f52cf48eb83bf86509bbe51bb7b15ae5e5e85ae275069c0aaae4a4c43a9e9f9fc09ac493fd1163d5c514cc7db4117c8a9ebd5af4313718fe67b13

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

document-674050836.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

document-674050836.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://45.11.183.252/22.gif

Targets

- Target
  
  document-674050836.xls
- Size
  
  90KB
- MD5
  
  7143213d7239c0de773d5cb478115ca4
- SHA1
  
  615c492cfb553b858bb4664662187fabd9b2c0e8
- SHA256
  
  bd33fe2760890117c9c7b8cd7c4d79e269d804bc661102661dae5990a4259051
- SHA512
  
  b06da5b015d7888d328a1edd0fdfc5b2f8e65bf8372496b02e91c3b8575a5d46a58ab82f872d7df8f3a7a753bdebeb47805481927e9bf3769d4a3eba862228bf
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy