b02d88044c50d694ea29d04d23729aeaf7d38ca8a4da0f502797068d3951d5d7 | Triage

Submit
Reports

Overview

overview

Static

static

8

operazione_1751.xlsb

windows7_x64

operazione_1751.xlsb

windows10_x64

Sharing

General

Target

operazione_1751.xlsb
Size

122KB
Sample

210716-pe1c1fct6e
MD5

f41e29e685872c54729e8d7596923455
SHA1

0d71123ad3227651b93b7b3a5e55ae2395b24faa
SHA256

b02d88044c50d694ea29d04d23729aeaf7d38ca8a4da0f502797068d3951d5d7
SHA512

32dae638d7ae79cd2c0c6712e4342c0d4098d09bd38fedc190913b3aca1b7530fdf4b819590baeab7a0e7e66ce6de29b651803de8d04500d0ba3fd38aff85a2b

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

operazione_1751.xlsb

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

operazione_1751.xlsb

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://trimestre.bar/signin.jpg

Targets

- Target
  
  operazione_1751.xlsb
- Size
  
  122KB
- MD5
  
  f41e29e685872c54729e8d7596923455
- SHA1
  
  0d71123ad3227651b93b7b3a5e55ae2395b24faa
- SHA256
  
  b02d88044c50d694ea29d04d23729aeaf7d38ca8a4da0f502797068d3951d5d7
- SHA512
  
  32dae638d7ae79cd2c0c6712e4342c0d4098d09bd38fedc190913b3aca1b7530fdf4b819590baeab7a0e7e66ce6de29b651803de8d04500d0ba3fd38aff85a2b
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy