0bcfb0dbe6dda4d624a42608aadb0c060d4216686c968212e9d191fc881a2fc7 | Triage

Submit
Reports

Overview

overview

Static

static

8

dettagli_2188.xlsb

windows7_x64

dettagli_2188.xlsb

windows10_x64

Sharing

General

Target

dettagli_2188.xlsb
Size

69KB
Sample

210316-8zda7hh5ze
MD5

445cf3ad389002cfcb54e07aa3113e2c
SHA1

e619a29897a41983bb8eb5521f314d172c7840f6
SHA256

0bcfb0dbe6dda4d624a42608aadb0c060d4216686c968212e9d191fc881a2fc7
SHA512

96c7ea5c6593cc4a217619af18b59f3380afec0c570da408eab9b4a49910230c14d100dd534d38efcb3043077e6e64e98132302864aec47fddb362f4ee9464cd

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

dettagli_2188.xlsb

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

dettagli_2188.xlsb

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://obbligo.casa/register.jpg

Targets

- Target
  
  dettagli_2188.xlsb
- Size
  
  69KB
- MD5
  
  445cf3ad389002cfcb54e07aa3113e2c
- SHA1
  
  e619a29897a41983bb8eb5521f314d172c7840f6
- SHA256
  
  0bcfb0dbe6dda4d624a42608aadb0c060d4216686c968212e9d191fc881a2fc7
- SHA512
  
  96c7ea5c6593cc4a217619af18b59f3380afec0c570da408eab9b4a49910230c14d100dd534d38efcb3043077e6e64e98132302864aec47fddb362f4ee9464cd
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy