dca218e59e43481f87fbd14b198d42e4617a8b67a4d9e1baf6d9f46786c8cb62 | Triage

Submit
Reports

Overview

overview

Static

static

8

document-1...55.xls

windows7_x64

document-1...55.xls

windows10_x64

Sharing

General

Target

document-1466263755.xls
Size

138KB
Sample

210312-q54e4prtps
MD5

6c87d721511475212b2aeda5636e34e8
SHA1

08c219a973dbc94e64a4587c7881a8fb60e6ac54
SHA256

dca218e59e43481f87fbd14b198d42e4617a8b67a4d9e1baf6d9f46786c8cb62
SHA512

8066761dd396dced3eb57d140f13f03050872e9be313fa84926f5b77ff3d2e1de02c40805e8de31b557c35406fec5c52c36411b0d7ee228dd6862f862606dd2d

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

document-1466263755.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

document-1466263755.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://bqx12lnjk03rrdio.xyz/i.gif

Targets

- Target
  
  document-1466263755.xls
- Size
  
  138KB
- MD5
  
  6c87d721511475212b2aeda5636e34e8
- SHA1
  
  08c219a973dbc94e64a4587c7881a8fb60e6ac54
- SHA256
  
  dca218e59e43481f87fbd14b198d42e4617a8b67a4d9e1baf6d9f46786c8cb62
- SHA512
  
  8066761dd396dced3eb57d140f13f03050872e9be313fa84926f5b77ff3d2e1de02c40805e8de31b557c35406fec5c52c36411b0d7ee228dd6862f862606dd2d
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy