23e42fefa0ba9cd1c3c26a5b6d82a59630cad4d83b5183c4d89a1903aebd93b5 | Triage

Submit
Reports

Overview

overview

Static

static

8

e95a1d9f86...7.xlsm

windows7_x64

e95a1d9f86...7.xlsm

windows10-2004_x64

Sharing

General

Target

6120429106921472.zip
Size

97KB
Sample

220119-g6l3aafffk
MD5

221c7a52408ac90cc41a99c2830e07a5
SHA1

3a33c83fed1d2ff73622b3528c6f393081a52034
SHA256

23e42fefa0ba9cd1c3c26a5b6d82a59630cad4d83b5183c4d89a1903aebd93b5
SHA512

a04714f7654693d1d54555e39a2e8afddb0e7be1d1153e38b5161f9d33795557d90b4ee24c8756d746267cee0a7090c30ed649c86e0d8d4d5a84c13e4c19c926

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

e95a1d9f8651d516e59ddffadc5fd94a499b888077d6cc60ee5cc1b95c1f91e7.xlsm

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e95a1d9f8651d516e59ddffadc5fd94a499b888077d6cc60ee5cc1b95c1f91e7.xlsm

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

hta

Source

URLs

hta.dropper

http://0056.0151.0121.0114/c.html

Targets

- Target
  
  e95a1d9f8651d516e59ddffadc5fd94a499b888077d6cc60ee5cc1b95c1f91e7
- Size
  
  110KB
- MD5
  
  a3c1eee45b2ee65f5f0fda091c3b9bfe
- SHA1
  
  1bd37dfba56924ab73ce9f6da17a946715b6a76a
- SHA256
  
  e95a1d9f8651d516e59ddffadc5fd94a499b888077d6cc60ee5cc1b95c1f91e7
- SHA512
  
  ec072cf278b55e4b5e283ebb49aacf924cda7e83a2004c84264a4b1d47b3fb280b6313740fd77df2ac59f007a8f4535f5219a010b1d02a7dd1718f39eca3359e
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy