General

  • Target

    Attachment_97775.xlsb

  • Size

    197KB

  • Sample

    210302-fbzpydykj6

  • MD5

    f3816c84f0ba476a6a110432d3f15b0b

  • SHA1

    75b31cd545c4d84116a387430ee4f87d08298cdc

  • SHA256

    5678487ef48332defdc02c465cd87285393b4003809ea95a7ae1355bcb6dab53

  • SHA512

    32f34a80536137247016592446138d2e3ab4e3d8a3bfc1e27b857b5056bcd702cdae29330e77ec9189a7ee76fba9c43a7406f51f23719727f7c4af47eff29a30

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper

    http://195.123.219.21/campo/t3/t3

Targets

    • Target

      Attachment_97775.xlsb

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
