General

  • Target

    dettagli_1976.xlsb

  • Size

    59KB

  • Sample

    210316-gprpcr3slx

  • MD5

    39bc788a3b732b5b5de56db2e83d3290

  • SHA1

    49155f32b635defa8f1fbad9f741e959152da55c

  • SHA256

    3e08a05c04ed3a493393bbc3e462fc964eafc42d97bb1072149a001ea559327b

  • SHA512

    26f53fb8f763b6f603505d278d8ed15a1983e45708fb07b9866463f1b2625099271b9055de21e1a21105e772ebb7186e609893c5f397c56e052fe6c79c65f67c

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper

    http://obbligo.casa/register.jpg

Targets

    • Target

      dettagli_1976.xlsb

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
