General

  • Target

    tipo_2379.xlsb

  • Size

    66KB

  • Sample

    210316-seh6webhga

  • MD5

    16ccf07b3e1df46cbdbb04b4102dca2c

  • SHA1

    e3b05d3d554c0a21630769d8ba0ade598836c019

  • SHA256

    e593b43c468f1c38b1ff688ab87b9c0265692531d981f12a67362ae62f134a51

  • SHA512

    c41871545522cd3357577ca90564355d12a0a1819229a01dd50ed0b754ddb8138d7d771c7bedb05aa90e3a41620adbedc4f128f9043e8d17d252ea867001050d

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://statalines.bar/home.jpg

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
