Overview

overview

10

Static

static

8

1563711913...1.xlsm

windows7_x64

10

1563711913...1.xlsm

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1563711913-05062021.xlsm_10CAB4D8F1BE2995589207401AC550AC.zip

  • Size

    91KB

  • Sample

    210506-gh6mtej1t2

  • MD5

    609b70f638075c02df3387390f4471ba

  • SHA1

    9b989c383bf7ffeb445c532fe7dfe248d7670ace

  • SHA256

    aa41780f78033fd305eb90aa419bb11c2a931c0dd32ba4562dc25996cc67a959

  • SHA512

    00c19dc4b797ccf86903f19a281e540a61344b6ef3c15f9900ed4c6e0e2e2e29a0715ecc8e580abfd91ab667c576209c16915de18f1f239a1d9259683f3d66db

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://185.45.193.74/44313,6048108796.dat
xlm40.dropper

http://195.123.220.175/44313,6048108796.dat
xlm40.dropper

http://45.144.29.253/44313,6048108796.dat

Targets

    • Target

      1563711913-05062021.xlsm

    • Size

      110KB

    • MD5

      10cab4d8f1be2995589207401ac550ac

    • SHA1

      0f670196520660bb4e2cdc2bcfd8684126d74685

    • SHA256

      d8fb52df67fd0023e4cd671ffd19425f4bdf22581f46bc256f848eeabe885985

    • SHA512

      81384e6455f1c88b6f396c57dca7587b3c30b5ca18d99c5741dc5ee03250e72bac2c1b13fcbd3e986cd2fb9c50608a8d9dcae41e56ddc86dbd52c542ead0cf53

    Score
    10/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks