General

  • Target

    7f80dca38b281fd7659e09bea4c61fc2df6ec747b953748fa602646e4a0112ad.xls

  • Size

    91KB

  • Sample

    221110-npz15sbdcm

  • MD5

    36fe4c536f34a142d2fe6eb08998254a

  • SHA1

    25330c794b5b62fa48b570d423cc80ef61ec62bb

  • SHA256

    7f80dca38b281fd7659e09bea4c61fc2df6ec747b953748fa602646e4a0112ad

  • SHA512

    d718617037ee41d49427b1b28256c7c26d29232414371db9a37118a61fe28c57bb2c9adb7505d605b664414d6b31054e8488b626b6a2dd0bd22b1fe2c52fbe4e

  • SSDEEP

    1536:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgqbCXuZH4gb4CEn9J4ZXz3:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgu

Score
10/10

Malware Config

Extracted

Language: xlm4.0
Source:
URLs:

  • xlm40.dropper: https://www.conceptagency.net/css/b8eaKN/

  • xlm40.dropper: https://bencevendeghaz.hu/2zjoi/cwfKJOzA/

  • xlm40.dropper: http://45.32.114.141/xilte/Uqm6Eysf3Hkjwh/

  • xlm40.dropper: http://ruitaiwz.com/wp-admin/MXlp5IsUKwT1k0DtzT/

Targets

    • Target

      7f80dca38b281fd7659e09bea4c61fc2df6ec747b953748fa602646e4a0112ad.xls

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
