b2d8780b86b7bf08fea165815df31f54f4dc985559379d88bf4493aa241a612e | Triage

Sharing

General

Target

b2d8780b86b7bf08fea165815df31f54f4dc985559379d88bf4493aa241a612e
Size

273KB
Sample

210313-nkm3eh78r2
MD5

ef60c9c18139a52f7e5cde89653ac0fe
SHA1

371c24a3907486f8636c8640f6698410d404105d
SHA256

b2d8780b86b7bf08fea165815df31f54f4dc985559379d88bf4493aa241a612e
SHA512

2ddf465b02734f2171b1d7d094cb413b61f629984e7f39db4315905ec0d44ec0979f1a5ba601f3bf5ab9c403061ff85801b14326eca48312eed0916998d6e00c

Score

10^/10

macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://sssolutionsllc.org/k.php

Targets

- Target
  
  b2d8780b86b7bf08fea165815df31f54f4dc985559379d88bf4493aa241a612e
- Size
  
  273KB
- MD5
  
  ef60c9c18139a52f7e5cde89653ac0fe
- SHA1
  
  371c24a3907486f8636c8640f6698410d404105d
- SHA256
  
  b2d8780b86b7bf08fea165815df31f54f4dc985559379d88bf4493aa241a612e
- SHA512
  
  2ddf465b02734f2171b1d7d094cb413b61f629984e7f39db4315905ec0d44ec0979f1a5ba601f3bf5ab9c403061ff85801b14326eca48312eed0916998d6e00c
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2