General

  • Target

    Debt-Details-1932499915-05132021.xlsm.zip

  • Size

    149KB

  • Sample

    210514-rm1yq1567x

  • MD5

    8f6b264ae3101115dde500c3633fabff

  • SHA1

    feb0ffa792b9e426c2e781874fce05e7709f4402

  • SHA256

    649e5a00f34947d6f200f29666e38e6f66c264ec4bf5346b1b68770ca95ca095

  • SHA512

    e976da82d1e561eb0c161a0d49fd1d99c5decf69601aa40c9ccdefd3086ad69365e905da47bba2f8092af88fae40a31a92ab6cecb1c0506c3738bfb65da9fc6f

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

    xlm40.dropper

  • URLs

    http://185.183.96.233/44330.0227946759.dat

    http://51.89.115.125/44330.0227946759.dat

    http://190.14.37.64/44330.0227946759.dat

Targets

    • Target

      Debt-Details-1932499915-05132021.xlsm

    • Size

      196KB

    • MD5

      4eac2ae794168009d07bcf6ce582f06e

    • SHA1

      567a2839f36b42e30d114f56f4dd775bdfecd8a1

    • SHA256

      311e7aea7bb5f1b450543acb103eb34fa0d1d3e0e2e051474ad4ceb73159befa

    • SHA512

      a88fc0a8ac489b7b7a78ed1cce91ce48195b1220ac8a512d5f44cd0bddf5ebf48906f1f0100aab889acf3a8c40570c70921f9d1f386dd4a6330405dc75c86b44

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
