a04583c987a653c371c257491ea5956ba53731723e7754acfecd211460128d3a | Triage

Submit
Reports

Overview

overview

Static

static

1

1c92644732...88.xll

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

9821538398.zip
Size

474KB
Sample

230401-2tcy3adc38
MD5

fbe8a23b05595782d717ad8a0700f3d6
SHA1

92a5807cbdae0b70d2523308150a1c48c79ef9ab
SHA256

a04583c987a653c371c257491ea5956ba53731723e7754acfecd211460128d3a
SHA512

7fae6e03770738e3315381dea170ee4447598c4351b96e8f6ec76c4508f0b5cc3b518e6c7a6bc43776eb98ded175182aa50863211e610d40d3b0959efee8297d
SSDEEP

12288:vLAiLMriqT8/nzAoTnxSFLWFULIqxTVUBLZsIU+C:b1qRo7xSNXICeb3+

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

1c9264473281f0d5144912a8c05d803697c7da8707cd5607017e6936d2fa1588.xll

Resource

win10-20230220-en

windows10-1703-x64

14 signatures

150 seconds

Malware Config

Extracted

Language

xlm4.0

Source

Targets

- Target
  
  1c9264473281f0d5144912a8c05d803697c7da8707cd5607017e6936d2fa1588
- Size
  
  718KB
- MD5
  
  11f82e84e17670912b1f93c827ed7f35
- SHA1
  
  d5f4e666ca2b2cab3451ff784659cc22b4957a49
- SHA256
  
  1c9264473281f0d5144912a8c05d803697c7da8707cd5607017e6936d2fa1588
- SHA512
  
  ef57cb2d05947dbdaa1bb561e58cc8248a3a13c6484017df2b074b9170c2f296a0c063d5252190662e669035ba885fea946734e452805770a66c9c510f2df914
- SSDEEP
  
  12288:5n/zDvGHAykHSzLW/4+8bzbBSreMdCQ4gLuUkvSK/7gFK/UqW53:dzbGHAzHAjX1yq3vSK/rcL
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy