Overview

overview

10

Static

static

8

1140021558...1.xlsm

windows7_x64

10

1140021558...1.xlsm

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4e9a48b4_by_Libranalysis

  • Size

    91KB

  • Sample

    210506-wt98pxw7p6

  • MD5

    4e9a48b49388b031100f59b977220b27

  • SHA1

    309763ef8cfc6690fe73fb81b43764af298ae5d0

  • SHA256

    e5d46f50671ed9deafa99b1d44591e4b5a832727aa0e06573f1f78989fe42649

  • SHA512

    ee33f14c10be968382c86630f6fea615935129f3cb0590a2b1f09916800b8df8a9ef753cc7ff89c5702ebdf803a8a75019cb5e668cd18bec8fb4058f43210e6e

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://185.45.193.74/44313,6048108796.dat
xlm40.dropper

http://195.123.220.175/44313,6048108796.dat
xlm40.dropper

http://45.144.29.253/44313,6048108796.dat

Targets

    • Target

      1140021558-05062021.xlsm

    • Size

      110KB

    • MD5

      60c60a5f6c701b09a14491426b43a938

    • SHA1

      a29d00ebe08a5160537a8e4a13c3abec14b169ae

    • SHA256

      892cce4146ff62579f2cd54aff82ea259706173f97bc921fd1d47381e51282db

    • SHA512

      b460a53966d83b42674d89937781a350db0483e9254c7eeff92ce0dace6091f68c886caac67306763b739812bcf9a28dba01688f87ffd5221c3a7b89e3161dc5

    Score
    10/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks