ad682974afe24641e8f2aa645a02f24bafd8595d6746ad789e4ef351807c6399

Resubmissions

15-10-2021 13:15

211015-qhcy5sbaa7 8

14-10-2021 06:28

211014-g8dhxsgbhl 10

Sharing

Copy URL

Twitter E-mail

General

Target

PRMS_558161433.xls
Size

134KB
Sample

211014-g8dhxsgbhl
MD5

ce9aef0eeccadcb8bbf463e2158e718c
SHA1

50ed2e5bbe1ac51ae8a26f005f17ba14ef30be88
SHA256

ad682974afe24641e8f2aa645a02f24bafd8595d6746ad789e4ef351807c6399
SHA512

f43a45179311a42e6d707bc1b01b87da7449ab4fce931ec119bcb2df5e4686907c2c204668fd715da77cb0bceba6917e9ae957412faaaa3ca90c8d15fb6b8225

Score

10^/10

macro macro_on_action

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://185.244.150.172/44483.353547338.dat

xlm40.dropper

http://185.123.53.220/44483.353547338.dat

xlm40.dropper

http://101.99.90.219/44483.353547338.dat

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://185.244.150.172/44483.2697261574.dat

xlm40.dropper

http://185.123.53.220/44483.2697261574.dat

xlm40.dropper

http://101.99.90.219/44483.2697261574.dat

Targets

- Target
  
  PRMS_558161433.xls
- Size
  
  134KB
- MD5
  
  ce9aef0eeccadcb8bbf463e2158e718c
- SHA1
  
  50ed2e5bbe1ac51ae8a26f005f17ba14ef30be88
- SHA256
  
  ad682974afe24641e8f2aa645a02f24bafd8595d6746ad789e4ef351807c6399
- SHA512
  
  f43a45179311a42e6d707bc1b01b87da7449ab4fce931ec119bcb2df5e4686907c2c204668fd715da77cb0bceba6917e9ae957412faaaa3ca90c8d15fb6b8225
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Extracted

Targets

Process spawned unexpected child process

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2