General

  • Target

    0782a2070e674e39d93e31282fe5f9ca680c45394c39fb7fa343ec87a6f6cd94

  • Size

    273KB

  • Sample

    210313-7t6v18pa7n

  • MD5

    ce21a33b634b572514cdc5a327b08778

  • SHA1

    f7ac6299d0e19f452e4828bcb30eb9cb50383fff

  • SHA256

    0782a2070e674e39d93e31282fe5f9ca680c45394c39fb7fa343ec87a6f6cd94

  • SHA512

    31b57f6e5cbb55d122e4b859911126e7cae56a8908aa17760656b2ae42e81be5899158930a04c311ae7f5ab93f7e2d8e8813c9eae0050783ac403194610cae0a

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper

    https://sssolutionsllc.org/k.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
