1dc2507ce9432a30a94f545bdf3e083307ffc3fa502df61d9aed0083304849ad | Triage

Submit
Reports

Overview

overview

Static

static

8

document-4...77.xls

windows7_x64

document-4...77.xls

windows10_x64

Sharing

General

Target

paper (23).zip
Size

34KB
Sample

210315-fzeef3pnsa
MD5

3ba1851ab88c2a87f3d8b78e116a7a5d
SHA1

8a8958e3c420dfb3b27f87f909027158c107f10d
SHA256

1dc2507ce9432a30a94f545bdf3e083307ffc3fa502df61d9aed0083304849ad
SHA512

d856554309383dc1d6fdaaab0df51ab47be47c6a97c4d5e9f245fdc591abb1d2666287d980a37909b18a56fcd407aa9c8bdbd9ee50676ea906fd3a8a17e68a39

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

document-480334777.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

document-480334777.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://usy15wycqme03dymh.xyz/w.gif

Targets

- Target
  
  document-480334777.xls
- Size
  
  139KB
- MD5
  
  e75af52fa07df46fab00de05fe28dc60
- SHA1
  
  cf1c73e0b8ea1dfd4a62223c91a9b6122b4b5fd2
- SHA256
  
  269e4f9a1289ec667bd55000472825ea3facf65f4c8796abc421ee7cc381cc43
- SHA512
  
  641fb8fa4eed5ca09ea755045c173259e7a5c1d77e1a26ef8d933eda2a3d8d6563dd102d3919cd2b8d2e1e03da22fa8df8ca3ae11130d383473fda697fdfbc6d
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy