General

  • Target

    Complaint-Copy-684209303-03092021.xls

  • Size

    80KB

  • Sample

    210309-7dpn7mcxq6

  • MD5

    929a37b88e9317036edc9cef13cf68ee

  • SHA1

    be790f3e60156d3dc2dac6061a6df906c634304e

  • SHA256

    78b0fb46c1563fbdaf9d9b9fedfe848aa9b0950af5b98a4e5de18fd649604de7

  • SHA512

    1f4eca1bea7f83f606c963b7196e9ec2e81bda6ccfc4e0094bc6459a526c24575ff04ca875a258751102882d810316446df8d970cfc5397e1bbfc52ea0f8ac46

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0 (Excel 4.0 macro)

  • Source

    xlm40.dropper (the same extraction rule matched all five URLs below)

  • URLs

    http://edgethefoundation.com/owdkvdylem/44264.645540625.dat
    http://thehealthandwellbeingclub.com/vrplxjytfbp/44264.645540625.dat
    http://aslambek.eu/nqyxczidjed/44264.645540625.dat
    http://samsung-drivers.xyz/npbpm/44264.645540625.dat
    http://osrsport.com/tlftzsi/44264.645540625.dat
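The five dropper URLs share one basename, 44264.645540625.dat, and differ only in host and directory, which is the usual shape of these Excel 4.0 droppers: the same stage is mirrored across several domains so the macro can fall through if one is down. The following is an added example, not part of the sandbox report or its tooling: it turns the extracted config into hunting indicators (hosts, paths, basenames), decodes the numeric basename as an Excel serial date-time (44264.645540625 lands on 2021-03-09 15:29, the day the sample was submitted, consistent with the macro naming the file from NOW(); that interpretation is an inference, not something the report states), and checks indicators against proxy log lines. The log lines and their squid-style layout are constructed for the demonstration.

```python
"""Work the extracted xlm40.dropper config into hunting indicators.

Added example (not part of the sandbox report or its tooling). The five URLs
are the ones the report extracted; the proxy log lines are constructed for
the demonstration and the squid-like log format is an assumption.
"""
import re
from datetime import datetime, timedelta
from urllib.parse import urlparse

DROPPER_URLS = [
    "http://edgethefoundation.com/owdkvdylem/44264.645540625.dat",
    "http://thehealthandwellbeingclub.com/vrplxjytfbp/44264.645540625.dat",
    "http://aslambek.eu/nqyxczidjed/44264.645540625.dat",
    "http://samsung-drivers.xyz/npbpm/44264.645540625.dat",
    "http://osrsport.com/tlftzsi/44264.645540625.dat",
]


def indicators(urls):
    """Split the URLs into hostnames, paths and the set of file basenames."""
    parsed = [urlparse(u) for u in urls]
    return {
        "hosts": sorted({p.hostname for p in parsed}),
        "paths": [p.path for p in parsed],
        "basenames": sorted({p.path.rsplit("/", 1)[-1] for p in parsed}),
    }


def excel_serial_to_datetime(serial):
    """Excel 1900 date system: for dates after 1900-02-28 the effective epoch
    is 1899-12-30 (the 1900 leap-year bug shifts it by one day)."""
    return datetime(1899, 12, 30) + timedelta(days=serial)


def decode_basename(basename):
    """If the basename looks like '<float>.dat', read the float as an Excel
    serial date-time (the NOW() pattern); otherwise return None."""
    m = re.fullmatch(r"(\d+\.\d+)\.dat", basename)
    return excel_serial_to_datetime(float(m.group(1))) if m else None


# Constructed squid-style access log (assumed layout):
# timestamp elapsed client action/code size method URL ident hierarchy type
SAMPLE_PROXY_LOG = [
    "1615303774.512 241 10.0.0.17 TCP_MISS/200 61440 GET "
    "http://edgethefoundation.com/owdkvdylem/44264.645540625.dat - "
    "HIER_DIRECT/203.0.113.10 application/octet-stream",
    "1615303775.003 180 10.0.0.17 TCP_MISS/200 1200 GET http://www.example.com/ - "
    "HIER_DIRECT/93.184.216.34 text/html",
    "1615303790.770 95 10.0.0.23 TCP_MISS/404 512 GET http://osrsport.com/ - "
    "HIER_DIRECT/203.0.113.11 text/html",
]


def match_proxy_logs(lines, urls):
    """Return (line_no, level, matched) for lines whose URL field hits an indicator.

    level 'url'  : the exact dropper URL was fetched.
    level 'host' : same host, different path; still worth a look because these
                   droppers rotate directory names between campaigns.
    """
    ind = indicators(urls)
    hits = []
    for n, line in enumerate(lines, 1):
        url = next((f for f in line.split() if f.startswith("http")), None)
        if url is None:
            continue
        if url in urls:
            hits.append((n, "url", url))
        elif urlparse(url).hostname in ind["hosts"]:
            hits.append((n, "host", urlparse(url).hostname))
    return hits


if __name__ == "__main__":
    print(indicators(DROPPER_URLS))
    print(decode_basename("44264.645540625.dat"))
    for hit in match_proxy_logs(SAMPLE_PROXY_LOG, DROPPER_URLS):
        print(hit)
```

Matching the whole URL field rather than doing a substring search over the line avoids false hits on look-alike hostnames; the host-level match is deliberately kept as a lower-confidence signal because the directory part of these URLs changes while the domains tend to be reused for a while.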

Targets

    • Target

      Complaint-Copy-684209303-03092021.xls

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
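The report does not record which child process was spawned, only that an unexpected one appeared under the parent. The following is an added example, not the sandbox's own rule: it expresses the signature as a process-tree detection over process-creation events, flagging any child of an Office parent and ranking it by how commonly that child is used as a macro stage. The event records are constructed in the shape of Sysmon Event ID 1 fields and are not telemetry from this sample; the allowlist, risk list and image paths are assumptions to tune per environment.

```python
"""Detection for the "Process spawned unexpected child process" signature,
as a process-tree rule over process-creation events.

Added example (not the sandbox's rule). SAMPLE_EVENTS are constructed in the
shape of Sysmon Event ID 1 fields; they are not telemetry from this sample.
EXPECTED_CHILDREN and HIGH_RISK_CHILDREN are assumptions to tune locally.
"""

OFFICE_PARENTS = {"excel.exe", "winword.exe", "powerpnt.exe", "outlook.exe"}

# Children Office spawns for legitimate reasons in many environments
# (splwow64.exe is the 32/64-bit print spooler shim). Assumption: tune locally.
EXPECTED_CHILDREN = {"splwow64.exe"}

# LOLBins whose launch from an Office parent is almost always macro or exploit
# execution rather than user activity. Assumption: extend as needed.
HIGH_RISK_CHILDREN = {
    "cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe", "rundll32.exe",
    "regsvr32.exe", "mshta.exe", "certutil.exe", "msiexec.exe",
}

# Constructed events; paths, command lines and the staged file name are made up.
SAMPLE_EVENTS = [
    {"ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "CommandLine": r'"EXCEL.EXE" "C:\Users\alice\Downloads\Complaint-Copy-684209303-03092021.xls"'},
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "Image": r"C:\Windows\System32\rundll32.exe",
     "CommandLine": r"rundll32.exe C:\ProgramData\stage.dll,Start"},
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "Image": r"C:\Windows\splwow64.exe",
     "CommandLine": r"C:\Windows\splwow64.exe 12288"},
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": r"notepad.exe C:\Users\alice\notes.txt"},
]


def image_name(path):
    """Lower-cased basename of an image path, tolerant of either slash style."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def detect_office_children(events):
    """Return one alert per child an Office process spawned, minus the allowlist.

    Severity is 'high' for known LOLBin children and 'medium' for anything else,
    because the parent/child pair alone is the signal; the command line is kept
    for triage rather than used for matching.
    """
    alerts = []
    for ev in events:
        parent, child = image_name(ev["ParentImage"]), image_name(ev["Image"])
        if parent not in OFFICE_PARENTS or child in EXPECTED_CHILDREN:
            continue
        alerts.append({
            "parent": parent,
            "child": child,
            "severity": "high" if child in HIGH_RISK_CHILDREN else "medium",
            "command_line": ev.get("CommandLine", ""),
        })
    return alerts


if __name__ == "__main__":
    for alert in detect_office_children(SAMPLE_EVENTS):
        print(alert["severity"], alert["parent"], "->", alert["child"], "|", alert["command_line"])
```

Keying the rule on the parent/child pair rather than on the command line is what makes it robust to obfuscation: whatever the macro runs, it still has to be created by the Office process, and a short allowlist keeps the rule quiet on print jobs and similar legitimate children.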

MITRE ATT&CK Matrix (ATT&CK v6)

Tactic           Technique                     ID     Count
Defense Evasion  Modify Registry               T1112  1
Discovery        Query Registry                T1012  2
Discovery        System Information Discovery  T1082  2
