5816b4bbe8effbcc1782adb02e45b93cddb1644abb568ccbd02c1041368d67c1 | Triage

Submit
Reports

Overview

overview

Static

static

8

document-4...46.xls

windows7_x64

document-4...46.xls

windows10_x64

Sharing

General

Target

doc-13.zip
Size

14KB
Sample

210303-majx77y8jx
MD5

7fad66cddd751f0d6e71a0ab67540302
SHA1

56c13e7f33316c77fcb4b114a0ba4b9f89a73653
SHA256

5816b4bbe8effbcc1782adb02e45b93cddb1644abb568ccbd02c1041368d67c1
SHA512

e2475d1a6f4a361a6e5629e8256e3528617b9fe117fc7d22c9c79cba0aab0fc7bbef924ad58d6d3a8e0736a38acf35b39dde536dddcdf9736613db4d67a2371d

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

document-460240546.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

document-460240546.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://cidn02mjco03pobx.com/index.xls

Targets

- Target
  
  document-460240546.xls
- Size
  
  86KB
- MD5
  
  bf0044be9b86f3c9291bae14dd1d5987
- SHA1
  
  a3bfbdfa6b051b88e2d1d9fa2c96df3a4c44e274
- SHA256
  
  2b40abce4310f86fff1d92065787e2ac0c18d05dfd5ce8defabb60a04afa659d
- SHA512
  
  a93af649c42f3ef4bdd51df1c4e598eb78f9a9b688b6b6011b82216d1eb35ab66fa700d6cd8920d39c34a2887418ff4849eb9cdc20ca8e5c9277d46e85bdc266
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy