Overview

overview

10

Static

static

8

6726g.xlsm

windows7_x64

10

6726g.xlsm

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6726g.xlsm

  • Size

    25KB

  • Sample

    210312-9nw8kncwa2

  • MD5

    6aeaea0e67f7a1156a47f71d8f6023b7

  • SHA1

    5d9d46b47d63f87d23b5ff6f7839f35319ff36eb

  • SHA256

    ca1b700f67b0c55e8467d8407b9ec631b5fd9e1bb1f99eaf6a8567859c2ab7a2

  • SHA512

    53d0136804255889b7921b503cd730a5b3b47068538198bbb00520f6d47bf464db8481db9faeb04fb20ab579cc4240d9d4800381aa83d0be830273babda199d1

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source

Targets

    • Target

      6726g.xlsm

    • Size

      25KB

    • MD5

      6aeaea0e67f7a1156a47f71d8f6023b7

    • SHA1

      5d9d46b47d63f87d23b5ff6f7839f35319ff36eb

    • SHA256

      ca1b700f67b0c55e8467d8407b9ec631b5fd9e1bb1f99eaf6a8567859c2ab7a2

    • SHA512

      53d0136804255889b7921b503cd730a5b3b47068538198bbb00520f6d47bf464db8481db9faeb04fb20ab579cc4240d9d4800381aa83d0be830273babda199d1

    Score
    10/10

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks