cc7606cab45000135029148cb1592d5ef0a91a3a6f335d81b5cac8bb721c31a3

General

Target

cc7606cab45000135029148cb1592d5ef0a91a3a6f335d81b5cac8bb721c31a3.xls
Size

217KB
Sample

221103-zff3fshafr
MD5

e5e3cf09c3fd4e1066338dc200f804e1
SHA1

b5c16447019c6e189c3223b0eb664881abb91091
SHA256

cc7606cab45000135029148cb1592d5ef0a91a3a6f335d81b5cac8bb721c31a3
SHA512

2dba84bb75b45a0b71a0bb6fa359ebd1f2d9adc664957bc4d1bbc5575079e59d6c6488a71e6cc7ef7bae425713c4038f7654dfbd05dd2bbe45b3b22d29c4223e
SSDEEP

6144:OKpb8rGYrMPe3q7Q0XV5xtuEsi8/dg8yY+TAQXTHGUMEyP5p6f5jQmB:nbGUMVWlbB

Score

10^/10

macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://kabaruntukrakyat.com/wp-content/B9oJ0jh/

xlm40.dropper

http://coinkub.com/wp-content/WwrJvjumS/

xlm40.dropper

https://aberractivity.hu/iqq/Dmtv/

xlm40.dropper

https://anamafegarcia.es/css/HfFXMTXvc40t/

Targets

- Target
  
  cc7606cab45000135029148cb1592d5ef0a91a3a6f335d81b5cac8bb721c31a3.xls
- Size
  
  217KB
- MD5
  
  e5e3cf09c3fd4e1066338dc200f804e1
- SHA1
  
  b5c16447019c6e189c3223b0eb664881abb91091
- SHA256
  
  cc7606cab45000135029148cb1592d5ef0a91a3a6f335d81b5cac8bb721c31a3
- SHA512
  
  2dba84bb75b45a0b71a0bb6fa359ebd1f2d9adc664957bc4d1bbc5575079e59d6c6488a71e6cc7ef7bae425713c4038f7654dfbd05dd2bbe45b3b22d29c4223e
- SSDEEP
  
  6144:OKpb8rGYrMPe3q7Q0XV5xtuEsi8/dg8yY+TAQXTHGUMEyP5p6f5jQmB:nbGUMVWlbB
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2

T1012

System Information Discovery

2

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Process spawned unexpected child process

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2