General

  • Target

    640ad9df5b20ba2327365e2521a7a323cf798c948e9830e9c5cf8a761c976d20

  • Size

    87KB

  • Sample

    220521-m8qfdadcc9

  • MD5

    890c4c05415a6ed006b9e25aa3cc5290

  • SHA1

    fb67d36e930e95cc2d53935bf23d62f27bb564b6

  • SHA256

    640ad9df5b20ba2327365e2521a7a323cf798c948e9830e9c5cf8a761c976d20

  • SHA512

    42e3b2f64f6889816188902dbc3168bdcf71b0ad7ba80309dc4802b56bab4ed9e170940d0ab96abf6a32b803241918193934f42fa83e45a2ead17a24c8e5707f

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://line.winneratlaw.com/setup.exe

Targets

    • Target

      utente_9139.xls

    • Size

      197KB

    • MD5

      d82a33041941c0e5ec5e9b75f49f35cf

    • SHA1

      4004f1050d5f525d289d2fbccf27f3ef118ea82f

    • SHA256

      c83c1b46cbb71b300188adc0f9890bc2fb9a82a8a2564d8e7f7bbb1635beb1e4

    • SHA512

      f6a1cadeb3e03c497030dafe9daa8630a6af85da5ebc1580810cdea379d2e870c710d3554b523454a6c501ee13ede5254727250a0170fbfc1c8da76f7630fa11

    Score
    10/10
    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 3

  • Peripheral Device Discovery (T1120): 1

  • System Information Discovery (T1082): 3

Tasks