General

  • Target

    2307809256ad4b733e0798c1e2ed00735af2738d539f952c400e70166f41b17d.xls

  • Size

    91KB

  • Sample

    221110-l7rflsghd3

  • MD5

    6169efdebdc1f6425a3efaa5d7ed7b4a

  • SHA1

    b00abed186aa45dcc63e536ecea2518e6a93a1aa

  • SHA256

    2307809256ad4b733e0798c1e2ed00735af2738d539f952c400e70166f41b17d

  • SHA512

    41db4c1e3790b54607de25ece8b5638e9b8ab30fd94966d8cb4c157c6c9225c00459aefc1571b1085bfa6ecc422eab42605c316aaa52a0639770835ee1c6ceb5

  • SSDEEP

    1536:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgqbCXuZH4gb4CEn9J4ZXz3:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgm

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://www.conceptagency.net/css/b8eaKN/

xlm40.dropper

https://bencevendeghaz.hu/2zjoi/cwfKJOzA/

xlm40.dropper

http://45.32.114.141/xilte/Uqm6Eysf3Hkjwh/

xlm40.dropper

http://ruitaiwz.com/wp-admin/MXlp5IsUKwT1k0DtzT/

Targets

    • Target

      2307809256ad4b733e0798c1e2ed00735af2738d539f952c400e70166f41b17d.xls

    • Size

      91KB

    • MD5

      6169efdebdc1f6425a3efaa5d7ed7b4a

    • SHA1

      b00abed186aa45dcc63e536ecea2518e6a93a1aa

    • SHA256

      2307809256ad4b733e0798c1e2ed00735af2738d539f952c400e70166f41b17d

    • SHA512

      41db4c1e3790b54607de25ece8b5638e9b8ab30fd94966d8cb4c157c6c9225c00459aefc1571b1085bfa6ecc422eab42605c316aaa52a0639770835ee1c6ceb5

    • SSDEEP

      1536:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgqbCXuZH4gb4CEn9J4ZXz3:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgm

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v6

Tasks