General

  • Target

    U2517601086.xls

  • Size

    264KB

  • Sample

    220518-ry8lesaha5

  • MD5

    0591c224535324764081eb46a7f64ddf

  • SHA1

    968a0a2e24c32e52e7a0fb2942a95a6a742c77ae

  • SHA256

    b0c52fae66a3490bd28cb077420e45ee50214ffcf7a00b3ca332d6f363d3bf4e

  • SHA512

    8f74da37c54272b03b8c17aa6243352e11771a42cbd36a4a828079c9fccc4fc1f8d3c816f9bacfc0caf0edb6dd4140eb0b8d1c21d991a948f32bd46a3793f6f9

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://mi-xiaomi.live/yTiN2JL7/K.png

xlm40.dropper

https://dev.apb.com.la/S1dBTV1yT/K.png

xlm40.dropper

https://assamcareer.news/PCYxZBpbfwN/K.png

Targets

    • Target

      U2517601086.xls

    • Size

      264KB

    • MD5

      0591c224535324764081eb46a7f64ddf

    • SHA1

      968a0a2e24c32e52e7a0fb2942a95a6a742c77ae

    • SHA256

      b0c52fae66a3490bd28cb077420e45ee50214ffcf7a00b3ca332d6f363d3bf4e

    • SHA512

      8f74da37c54272b03b8c17aa6243352e11771a42cbd36a4a828079c9fccc4fc1f8d3c816f9bacfc0caf0edb6dd4140eb0b8d1c21d991a948f32bd46a3793f6f9

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v6

Tasks