Overview

overview

10

Static

static

8

a3237c24e5...2.xlsm

windows7_x64

10

a3237c24e5...2.xlsm

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5718504227635200.zip

  • Size

    95KB

  • Sample

    210831-nnb5sgb7d6

  • MD5

    6092c4df84678581a91ceb076d96c27c

  • SHA1

    b35682cb817b0c7748b39acba45a824833b25517

  • SHA256

    14b9606fed15b6af7136d993b1867fd6fde9c2b8e0d05520cec7d6ea59140210

  • SHA512

    39db04b79fe4448c3d4cd6db99f3fe2e7db34abbf120cd3d6facdff0d39858be47fcc635158caade74a38f41132099a2fdfe6246d53301854e6ffbef9e71a2af

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://185.183.99.115/44313,6048108796.dat
xlm40.dropper

http://51.89.73.159/44313,6048108796.dat
xlm40.dropper

http://190.14.37.38/44313,6048108796.dat

Targets

    • Target

      a3237c24e542efe70c01c2b628d050e38b5ea63dce784e30533ea8fd1cd4d492

    • Size

      114KB

    • MD5

      b2d90c82aa0ed6b4718107131b00a127

    • SHA1

      85fd0bbc43312e000231bcc0753fab3931878781

    • SHA256

      a3237c24e542efe70c01c2b628d050e38b5ea63dce784e30533ea8fd1cd4d492

    • SHA512

      369d1b0378b31a002a077c24b73c670dd6480d8fb4c353d97f7b0816834e37bfe29c1c5608701821ffe26cadc182e80037fc1b2003dc50e20e86d4d324bb275b

    Score
    10/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks