2b81c268899390357d88de000b6900a1e9f4a1a3d38758ca72a7cba8a10ffc41 | Triage

Submit
Reports

Overview

overview

Static

static

8

document-8...06.xls

windows7_x64

document-8...06.xls

windows10_x64

Sharing

General

Target

_file_attached (55).zip
Size

33KB
Sample

210312-ajwk94km8x
MD5

2790d7480996663633883c5b7f198c3f
SHA1

8363ec29fb017c3abd6e43594550e7da6b0119db
SHA256

2b81c268899390357d88de000b6900a1e9f4a1a3d38758ca72a7cba8a10ffc41
SHA512

694666787331c5f13c56ec06dbfba8572b9c6b85015a802c351c14ee54bd22f61d766263933ba28303a5330ee412916def5dc8cc4e5e558c96e1824a82db7e50

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

document-833903906.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

document-833903906.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://bqx12lnjk03rrdio.xyz/i.gif

Targets

- Target
  
  document-833903906.xls
- Size
  
  138KB
- MD5
  
  470389c3c34c9b3d1d58a7efb6179237
- SHA1
  
  9116d7f83ad5a5b43597de56dcb332e486815584
- SHA256
  
  c032a0487a642468e1b68214348460209213a066d5cb8e9d9a361a116daa3bd0
- SHA512
  
  957929a1846e80a9ab07f984a550d18fad35f1c84abfe8e7665f3a945ca7e2dd807478933f728cbe51e2bbb1572625c60dd9190ec678e384507011939eebc0c5
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy