General

  • Target

    51d847c23ad044c5eb6f69d794822cada128f5e2caf62caee10462978149aec1.xls

  • Size

    91KB

  • Sample

    221110-nbcnpabcaq

  • MD5

    31b395e2441e41447a353e3de61e2d8e

  • SHA1

    b0705fc113d6507e82bbac6250413c224be9c64f

  • SHA256

    51d847c23ad044c5eb6f69d794822cada128f5e2caf62caee10462978149aec1

  • SHA512

    56f5ada70f61eda6019b9d36e6b855d692310c23189929ff11897c34f88d4ce86827517f6c88010500a1165b6b723993832cae43e658e654615391a265d2fb5f

  • SSDEEP

    1536:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgqbCXuZH4gb4CEn9J4Z3z3:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgG

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://www.conceptagency.net/css/b8eaKN/

xlm40.dropper

https://bencevendeghaz.hu/2zjoi/cwfKJOzA/

xlm40.dropper

http://45.32.114.141/xilte/Uqm6Eysf3Hkjwh/

xlm40.dropper

http://ruitaiwz.com/wp-admin/MXlp5IsUKwT1k0DtzT/

Targets

    • Target

      51d847c23ad044c5eb6f69d794822cada128f5e2caf62caee10462978149aec1.xls

    • Size

      91KB

    • MD5

      31b395e2441e41447a353e3de61e2d8e

    • SHA1

      b0705fc113d6507e82bbac6250413c224be9c64f

    • SHA256

      51d847c23ad044c5eb6f69d794822cada128f5e2caf62caee10462978149aec1

    • SHA512

      56f5ada70f61eda6019b9d36e6b855d692310c23189929ff11897c34f88d4ce86827517f6c88010500a1165b6b723993832cae43e658e654615391a265d2fb5f

    • SSDEEP

      1536:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgqbCXuZH4gb4CEn9J4Z3z3:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgG

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v6

Tasks