General

  • Target

    Re RE PRESUPUESTO MATERIAL BARANDA SALIDA DE CAJAS SECADO BIO (412 KB).msg

  • Size

    60KB

  • Sample

    210311-dyhjxbtzax

  • MD5

    8e5636692fd48fa9667e642ca3345e92

  • SHA1

    622502a0ba6120bf3e0259116223877e2be1756f

  • SHA256

    2f74c0fb5630e45d752bd98482b87602295c40c9286eaef0ffdf2467435c4c86

  • SHA512

    73c92db4041ea0e61b57910f022ec4e7df8eacba6ad34ac3b62688381327f546d8c456920a8b86ae8b269370f9f8c98704a77ae285b0bea7eca8e1b2e0e60c36

Score
10/10

Malware Config

Extracted

Language: xlm4.0

Source / URLs

xlm40.dropper

http://kosherbansko.com/vozrhzftc/44266.668266088.dat

xlm40.dropper

http://beautyhair.by/rkqhopvrb/44266.668266088.dat

xlm40.dropper

http://trysaileggplants.com/xbbomazcknz/44266.668266088.dat

xlm40.dropper

http://giftcard16.com/pghxph/44266.668266088.dat

xlm40.dropper

http://www.ausfencing.org/jqikucbefrth/44266.668266088.dat

Targets

    • Target

      Debt-Details-1670392816-03052021.xls

    • Size

      78KB

    • MD5

      910337ef06549d324e9f9a226177c28b

    • SHA1

      d9861f0977f7d84ac275a905e6235a28cee0fea3

    • SHA256

      68361e608e5ed794afd3f803b3a6a87f00b0827fbf26bea80c6fc084075591af

    • SHA512

      3c8ae7e45111bef6a4741e664f7389780e916590dd4be8fbec1ea962961b22cfe71c73d34b4700763755b0ce4d3848258b531162e0f318bf60fab17a01a75d78

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
