7d72b56d5655b1d1062664af0c19b7214087526f7904b8e0916a2d957b715f45 | Triage

Submit
Reports

Overview

overview

Static

static

8

societ_2502.xlsb

windows7_x64

societ_2502.xlsb

windows10_x64

Sharing

General

Target

societ_2502.xlsb
Size

60KB
Sample

210315-y1yetgpr7e
MD5

57e0c0017fab8f5b3ee506128e976787
SHA1

918056491e12dcf4b3a64e7968412b88cabfc856
SHA256

7d72b56d5655b1d1062664af0c19b7214087526f7904b8e0916a2d957b715f45
SHA512

961210404526970ad8d6789b4911397fb726ce138c1de7a0413cc398c711a26cf87659661fc9b33e384434a2741e9c5bbc1ce41d7e2d0bf83910f1fbe7cd0c7c

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

societ_2502.xlsb

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

societ_2502.xlsb

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://linestata.bar/register.jpg

Targets

- Target
  
  societ_2502.xlsb
- Size
  
  60KB
- MD5
  
  57e0c0017fab8f5b3ee506128e976787
- SHA1
  
  918056491e12dcf4b3a64e7968412b88cabfc856
- SHA256
  
  7d72b56d5655b1d1062664af0c19b7214087526f7904b8e0916a2d957b715f45
- SHA512
  
  961210404526970ad8d6789b4911397fb726ce138c1de7a0413cc398c711a26cf87659661fc9b33e384434a2741e9c5bbc1ce41d7e2d0bf83910f1fbe7cd0c7c
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy