6554bb875518a3f98aca2f086217a5fc86778c3e90132f4e1f0fec6000ba3103 | Triage

Submit
Reports

Overview

overview

Static

static

8

SecuriteIn...04.xls

windows7_x64

SecuriteIn...04.xls

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Heur.32597.10604
Size

280KB
Sample

210504-czzksjcbma
MD5

9646c9d32cec09ab37b67d393aaa6312
SHA1

c4f45533795bcd7e3a1e7a28f3700b826356c981
SHA256

6554bb875518a3f98aca2f086217a5fc86778c3e90132f4e1f0fec6000ba3103
SHA512

2c9a3379879769e62c32581574b60f5e1c4b052ff8d77d583f597031df8771a9a4b65a72df600daf845c9938b5b7a71b47fe58dbfe6918b6ac520da4e9b804d1

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Heur.32597.10604.xls

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Heur.32597.10604.xls

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://deluciaspizza.com/netmouser.dll

Targets

- Target
  
  SecuriteInfo.com.Heur.32597.10604
- Size
  
  280KB
- MD5
  
  9646c9d32cec09ab37b67d393aaa6312
- SHA1
  
  c4f45533795bcd7e3a1e7a28f3700b826356c981
- SHA256
  
  6554bb875518a3f98aca2f086217a5fc86778c3e90132f4e1f0fec6000ba3103
- SHA512
  
  2c9a3379879769e62c32581574b60f5e1c4b052ff8d77d583f597031df8771a9a4b65a72df600daf845c9938b5b7a71b47fe58dbfe6918b6ac520da4e9b804d1
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy