552c66a82c7fd19c85d2ecb46adde62196ebd80b99bf15ca134410a56a5bf053 | Triage

Submit
Reports

Overview

overview

Static

static

8

Schedule_0...3.xlsm

windows7_x64

Sharing

General

Target

Schedule_072021_L7057723.xlsm
Size

185KB
Sample

210706-gjtxahd126
MD5

71e63e4b31f59f2eab3318a61eda3876
SHA1

ba2e8bf45bba11c11ced13b05d855c672e771215
SHA256

552c66a82c7fd19c85d2ecb46adde62196ebd80b99bf15ca134410a56a5bf053
SHA512

3a84795aa9ac67cc589b7531c502ee43bd60be856bafdd03292934ea866bd64c7da696c3c381c6d8e1aba8f52b1b8b9bfd098b0a2cf99d09216a863f12a36021

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

Schedule_072021_L7057723.xlsm

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://thousandsyears.download/div/44376,8555986111.jpg

xlm40.dropper

http://voopeople.fun/div/44376,8555986111.jpg

xlm40.dropper

http://uppercilio.fun/div/44376,8555986111.jpg

Targets

- Target
  
  Schedule_072021_L7057723.xlsm
- Size
  
  185KB
- MD5
  
  71e63e4b31f59f2eab3318a61eda3876
- SHA1
  
  ba2e8bf45bba11c11ced13b05d855c672e771215
- SHA256
  
  552c66a82c7fd19c85d2ecb46adde62196ebd80b99bf15ca134410a56a5bf053
- SHA512
  
  3a84795aa9ac67cc589b7531c502ee43bd60be856bafdd03292934ea866bd64c7da696c3c381c6d8e1aba8f52b1b8b9bfd098b0a2cf99d09216a863f12a36021
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy