Overview

overview

10

Static

static

8

4870aa6d_b...s.xlsm

windows7_x64

10

4870aa6d_b...s.xlsm

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4870aa6d_by_Libranalysis

  • Size

    109KB

  • Sample

    210506-aw6s18w4v6

  • MD5

    4870aa6d666016c3667317a492450607

  • SHA1

    f5b74a37c0d3e16026ed3b2f28d1cc7df4d77512

  • SHA256

    60a71e6de4c107f1f2e7ddec59cc37e07a2a770f7635184202fb6d852c3a929e

  • SHA512

    cc5ab1f17f9bfd67558e66c68c44a50e077ddb3d1581dab35d74819f67bb9f526c2e4cacb6c067e512d43e7449e2d8c5678526d754ed66b0e9b87539d149a911

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://91.211.91.82/44313,6048108796.dat
xlm40.dropper

http://82.117.252.199/44313,6048108796.dat
xlm40.dropper

http://45.138.157.43/44313,6048108796.dat

Targets

    • Target

      4870aa6d_by_Libranalysis

    • Size

      109KB

    • MD5

      4870aa6d666016c3667317a492450607

    • SHA1

      f5b74a37c0d3e16026ed3b2f28d1cc7df4d77512

    • SHA256

      60a71e6de4c107f1f2e7ddec59cc37e07a2a770f7635184202fb6d852c3a929e

    • SHA512

      cc5ab1f17f9bfd67558e66c68c44a50e077ddb3d1581dab35d74819f67bb9f526c2e4cacb6c067e512d43e7449e2d8c5678526d754ed66b0e9b87539d149a911

    Score
    10/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks