Overview

overview

10

Static

static

8

notif_2227.xlsb

windows7_x64

10

notif_2227.xlsb

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    notif_2227.xlsb

  • Size

    67KB

  • Sample

    210316-jahs3k5fzj

  • MD5

    b9331085a13ece7ef497f93dcd2741d6

  • SHA1

    c8a844989501bf3e47266d4d5a5e083856bb0feb

  • SHA256

    07f7f5ac05c7d09206105d3827cdf09e69575f74a0337824ffb0c7fa19dbac0a

  • SHA512

    6f4720aa130e45f0c8b1f1f04ae1041c74d4646a04e23e2dd23400333f123b3c3838986e68e101649933951c73665e9bf5d766f762362bea71f3e00d450e0e11

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://obbligo.bar/register.jpg

Targets

    • Target

      notif_2227.xlsb

    • Size

      67KB

    • MD5

      b9331085a13ece7ef497f93dcd2741d6

    • SHA1

      c8a844989501bf3e47266d4d5a5e083856bb0feb

    • SHA256

      07f7f5ac05c7d09206105d3827cdf09e69575f74a0337824ffb0c7fa19dbac0a

    • SHA512

      6f4720aa130e45f0c8b1f1f04ae1041c74d4646a04e23e2dd23400333f123b3c3838986e68e101649933951c73665e9bf5d766f762362bea71f3e00d450e0e11

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks