6c2d566fb4489948859301cd55c552eeae1d12e7e33ef4ca237653cd976a1401.xls

General
Target

6c2d566fb4489948859301cd55c552eeae1d12e7e33ef4ca237653cd976a1401.xls

Size

40KB

Sample

220521-v7z77aadc5

Score
10/10
MD5

2d0bf2a42ae18ac57a4a99e7727ea85e

SHA1

1894cb10cea6a4757f3478753049c3311446370a

SHA256

6c2d566fb4489948859301cd55c552eeae1d12e7e33ef4ca237653cd976a1401

SHA512

cee692e9084069fcb59f3e7a900a7f7fbfce59ae32849ff3b67ec3ed47f97b8ad05730e2f12cc8d6eb41f75745c565863d8a8fc28000cbc5ba8e5649deffb85d

Malware Config

Extracted

Language xlm4.0
Source
URLs
xlm40.dropper

https://www.itesmeitic.com/term/IFjx5ElE0ldr8wDDHjub/

Targets
Target

6c2d566fb4489948859301cd55c552eeae1d12e7e33ef4ca237653cd976a1401.xls

Signatures

  • Process spawned unexpected child process

    Description

    This typically indicates the parent process was compromised via an exploit or macro.

Related Tasks

MITRE ATT&CK Matrix
Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1: 8/10
  • behavioral1: 1/10
  • behavioral2: 10/10