15d0864ea57ebabb48b350f1e14d62d7c970c547334f2a103a2904844fc4e50b | Triage

Submit
Reports

Overview

overview

Static

static

8

document-1...03.xls

windows7_x64

document-1...03.xls

windows10_x64

Sharing

General

Target

attached (38).zip
Size

14KB
Sample

210304-s7ga7bsq32
MD5

beba3a49686eff9adc79adfc9f2b9e63
SHA1

53df46cf812242663509310b5a6e16b4596ae716
SHA256

15d0864ea57ebabb48b350f1e14d62d7c970c547334f2a103a2904844fc4e50b
SHA512

9dc9e8ccbe6f92f4be93b457b9e8379a5dd4345c9ce41b5623ba3286ea2ac732bab4522a79105b6e81c4bf5a56925d27ea76fe146859459ce1ec219a5e8e5df3

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

document-1627705103.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

document-1627705103.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://lic02uiccnh03nruvp.com/index.xls

Targets

- Target
  
  document-1627705103.xls
- Size
  
  86KB
- MD5
  
  654b09aa33f8a6de326b512dad94b188
- SHA1
  
  878d544ed0603a108504fc414d6eda62b06c4c9e
- SHA256
  
  db2edf081f4e85539a7afbee77276e960440f8b81b7b33d950a657186daa5818
- SHA512
  
  6915fab237e19a4844bb644bfb4f52f4ada930b32d5b1116784f0a6f8fbe0f3df344233a663cbd8a0051c130e505ce70fb2654e8eff6326fcc93754f04ec989e
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy