Overview

overview

10

Static

static

8

1613044558...1.xlsm

windows7_x64

10

1613044558...1.xlsm

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1613044558-05062021.xlsm

  • Size

    110KB

  • Sample

    210506-4frs7rj2wx

  • MD5

    e43036ff5733aebc5c2f46081c7f9006

  • SHA1

    e30d56021f158178fbaf7c9d45aa658b924a67e5

  • SHA256

    7b4801469217b291d85882cf568da70ceb8aec9d82ba3879794fa4bcf99ef25f

  • SHA512

    f6c4197586371e0fe8051f51a31b80ac9ae199e32dbf14f213276f3513c6b3cc801a046ac400c6e4c107ba4776ea9dd565594334a42c65d1d88a28a5fb8181ff

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://185.45.193.74/44313,6048108796.dat
xlm40.dropper

http://195.123.220.175/44313,6048108796.dat
xlm40.dropper

http://45.144.29.253/44313,6048108796.dat

Targets

    • Target

      1613044558-05062021.xlsm

    • Size

      110KB

    • MD5

      e43036ff5733aebc5c2f46081c7f9006

    • SHA1

      e30d56021f158178fbaf7c9d45aa658b924a67e5

    • SHA256

      7b4801469217b291d85882cf568da70ceb8aec9d82ba3879794fa4bcf99ef25f

    • SHA512

      f6c4197586371e0fe8051f51a31b80ac9ae199e32dbf14f213276f3513c6b3cc801a046ac400c6e4c107ba4776ea9dd565594334a42c65d1d88a28a5fb8181ff

    Score
    10/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks