adf91b71c312c5c9f0de57545854943f3aac8d89655bdcd408fe8751a1613e60

General

Target

CompensationClaim_1162351010_03152021.7z
Size

150KB
Sample

210316-qvm7z1evtj
MD5

bbd43393b760df53b8851f03745249be
SHA1

e65288ed4b26723eaef71afe80b8a001f4080a46
SHA256

adf91b71c312c5c9f0de57545854943f3aac8d89655bdcd408fe8751a1613e60
SHA512

5409360129af8c42b307c512b5c67f420a6f5829a291850afb9c00d899e874f78aecfc919ed96c85bc463e947f9ae16e440cfc63fe289e8eb2346427d37a6030

Score

10^/10

macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://188.127.235.70/44271.5717447917.dat

xlm40.dropper

http://185.82.217.185/44271.5717447917.dat

xlm40.dropper

http://188.127.235.71/44271.5717447917.dat

Targets

- Target
  
  CompensationClaim_1162351010_03152021.xls
- Size
  
  233KB
- MD5
  
  df9f6370222c81052695606bd20629cc
- SHA1
  
  a261985576003f03c5a24a3c8879f927153559e6
- SHA256
  
  775838107da31be87d160d4faefdffc0ef7941367f5d3e8aed14fd9ab422089f
- SHA512
  
  280fde1b32f182617e251857ab31c71a0842ba29847cec992cedf4eed2c56e3e4dab32019c6a494f81d7ea3bfa44cad2c3c0251ff577edab61e134706d03d1d5
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Query Registry

2

T1012

System Information Discovery

2

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Process spawned unexpected child process

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2