Overview

overview

10

Static

static

8

c2552936256.xls

windows10_x64

10

Resubmissions

19-05-2022 10:07

220519-l532madhe4 10

18-05-2022 15:56

220518-tdmvbsebhq 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c2552936256.xls

  • Size

    264KB

  • Sample

    220518-tdmvbsebhq

  • MD5

    0591c224535324764081eb46a7f64ddf

  • SHA1

    968a0a2e24c32e52e7a0fb2942a95a6a742c77ae

  • SHA256

    b0c52fae66a3490bd28cb077420e45ee50214ffcf7a00b3ca332d6f363d3bf4e

  • SHA512

    8f74da37c54272b03b8c17aa6243352e11771a42cbd36a4a828079c9fccc4fc1f8d3c816f9bacfc0caf0edb6dd4140eb0b8d1c21d991a948f32bd46a3793f6f9

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://mi-xiaomi.live/yTiN2JL7/K.png
xlm40.dropper

https://dev.apb.com.la/S1dBTV1yT/K.png
xlm40.dropper

https://assamcareer.news/PCYxZBpbfwN/K.png

Targets

    • Target

      c2552936256.xls

    • Size

      264KB

    • MD5

      0591c224535324764081eb46a7f64ddf

    • SHA1

      968a0a2e24c32e52e7a0fb2942a95a6a742c77ae

    • SHA256

      b0c52fae66a3490bd28cb077420e45ee50214ffcf7a00b3ca332d6f363d3bf4e

    • SHA512

      8f74da37c54272b03b8c17aa6243352e11771a42cbd36a4a828079c9fccc4fc1f8d3c816f9bacfc0caf0edb6dd4140eb0b8d1c21d991a948f32bd46a3793f6f9

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks