General

  • Target

    ad77145e32332301831b4b5e92034bb22c043df8954c6592295bc9440b20b13c.xls

  • Size

    91KB

  • Sample

    221109-v761qsaha2

  • MD5

    6b7c7275e03d0dff7bcb4f69bf28c264

  • SHA1

    626b58585edbdafa6151183af2dae80349825ee7

  • SHA256

    ad77145e32332301831b4b5e92034bb22c043df8954c6592295bc9440b20b13c

  • SHA512

    80211aa98e9613435c89ac185d68023fcfae1be3fcfaf1100b2a907b811c83a49533e55ccd0903913290e1448f4596d8d35f4e724cb46416f7f294be4e2afc4b

  • SSDEEP

    1536:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgEbCXuZH4gb4CEn9J4ZsEM:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgl

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://www.muyehuayi.com/cmp/8asA99KPsyA/v6lUsWbLen/

xlm40.dropper

http://concivilpa.com.py/wp-admin/i3CQu9dzDrMW/

xlm40.dropper

https://wijsneusmedia.nl/cgi-bin/kFB/

xlm40.dropper

http://www.angloextrema.com.br/assets/oEt1yYckHKlnNIq/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
