Overview

overview

10

Static

static

8

Cancellati...21.xls

windows7_x64

10

Cancellati...21.xls

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Cancellation-1833116253-03112021.zip

  • Size

    49KB

  • Sample

    210312-84xr5qn77j

  • MD5

    66c864d39df68c8fc9928a08e1cb4223

  • SHA1

    e26b7a099d6a725319c1ffae24a2bf5336c9abfa

  • SHA256

    0b5aef42ff5ae678d7ab65b0c2b7824aed3c5215d2755f326a0b5c4cba32f52a

  • SHA512

    2e10b2176784218257f2698f73d01e9e349b7d4be0279af6bf57cf1eca73a73ec9edabc3e354735c526857b8850eca5dd233aab8673460d3a162ca7d6c29ab58

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://195.123.220.67/44267.1507105324.dat
xlm40.dropper

http://45.150.67.127/44267.1507105324.dat

Targets

    • Target

      Cancellation-1833116253-03112021.xls

    • Size

      277KB

    • MD5

      a1f1f52796d8f655dd0603fb8368ecc0

    • SHA1

      af2b833eede2aae9f9dc5862c34ea19b826cc081

    • SHA256

      9826463d649ddac393a09764050fc6ebf824d06dc05b8c105fdced3eac4cbc02

    • SHA512

      a1e7ed059a4e6686e7bce6542eea97481a25dea93133e982b53c6441bb05eeb3c9bb15ba080d81182b330586135cef85e491e5e948769d945275341ea630067b

    Score
    10/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks