Resubmissions

02-08-2021 09:30

210802-3asm5re99x 10

10-06-2021 19:14

210610-xr9avxf7f6 10

General

  • Target

    cancel_sub_VCP1234567890123.xlsb

  • Size

    123KB

  • Sample

    210802-3asm5re99x

  • MD5

    9e1ee4a42c381eabcf2cde38a1aae7c9

  • SHA1

    015bb306d9e54001d433b3ac2e7212b864f54ae2

  • SHA256

    fd71a2fcc0b5dd0fb0dbff257839b67749f2cadf30e2d3dae7f0e941d93d24d3

  • SHA512

    d8955c76657c68542ebcd1fc0b14b69917976892a2005ff0fcace3754200d52c4557235e083b76f4115cc940281dbe77a8e390e8bd18fbe9d5cdb128191580ec

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source

Targets

    • Target

      cancel_sub_VCP1234567890123.xlsb

    • Size

      123KB

    • MD5

      9e1ee4a42c381eabcf2cde38a1aae7c9

    • SHA1

      015bb306d9e54001d433b3ac2e7212b864f54ae2

    • SHA256

      fd71a2fcc0b5dd0fb0dbff257839b67749f2cadf30e2d3dae7f0e941d93d24d3

    • SHA512

      d8955c76657c68542ebcd1fc0b14b69917976892a2005ff0fcace3754200d52c4557235e083b76f4115cc940281dbe77a8e390e8bd18fbe9d5cdb128191580ec

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks