03d63fec183d453d5af0759707f4967296827ce2e2454e90e86fb95bf1586977

General

Target: 03d63fec183d453d5af0759707f4967296827ce2e2454e90e86fb95bf1586977
Size: 102KB
Sample: 220521-m9wzjsgdfp
Score: 10/10
MD5: 0a7e92be902c6dc59f15b048c44d8b42
SHA1: 078fd5bc6f6c1c503dbbbf81f733b3bbc8ec75f7
SHA256: 03d63fec183d453d5af0759707f4967296827ce2e2454e90e86fb95bf1586977
SHA512: 097d5d47b6c75a3de1f606c1fc25675c8df574442a2f76f8c3fb3b11135cb1060ec3d07adbf217d3b46830f147d4eb74367c98f90bd1875d6e9bc53f82c3c298

Malware Config

Extracted

Language: xlm4.0
Source: xlm40.dropper
URLs: http://gstat.securityguardlisting.com/setup.exe

Targets

Target: utente_3405.xls
MD5: 2e2c9f07f99791d6482e4839b95ec1ef
Filesize: 235KB
Score: 10/10
SHA1: ebf4b8097462d1fdbfdc395a563aa45f9aa2644c
SHA256: 736ee17f187c4f39f8eb34f1f762ef0acb5a692cd9031cb5d8d6dc63edbf844f
SHA512: 8e322879cf17fcce845c2de2b99a05f16230a6513a7c61333908aca7c0dfc98c6cad4bfd3afb4785addba034e3c6b8a36cf29f7accef75252591a7b62a5d89ae

Signatures

  • Enumerates connected drives

    Description: Attempts to read the root path of hard drives other than the default C: drive.

    TTPs: Query Registry, Peripheral Device Discovery, System Information Discovery

Related Tasks

Tasks

static1: 8/10
behavioral1: 10/10
behavioral2: 10/10