Overview

overview

10

Static

static

8

Complaint-...1.xlsm

windows7-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Complaint-1651432971-05062021.xlsm

  • Size

    109KB

  • Sample

    231116-fw2jjsha3z

  • MD5

    a16af09a92160730f88e2edf8afeb503

  • SHA1

    99538a6f27c39017c1d4748c39e379874c57c2ce

  • SHA256

    89202efc43edc8ede0987ff2c989a018af747781566a988f0fbebc6a779398e8

  • SHA512

    ff6b2d1e87595d3ccbdc7dcc8d4ea395411a8b3aa391163738580790655975efc14a5163265f6392f1f7dc1bc437236d322831ad57c2634286576d4688e09819

  • SSDEEP

    3072:3gQvKINbjvw548LMb/oqKO8NnS8+60Kc/A+:aAbT648LM7D98Np+ER+

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://91.211.91.82/44313,6048108796.dat
xlm40.dropper

http://82.117.252.199/44313,6048108796.dat
xlm40.dropper

http://45.138.157.43/44313,6048108796.dat

Targets

    • Target

      Complaint-1651432971-05062021.xlsm

    • Size

      109KB

    • MD5

      a16af09a92160730f88e2edf8afeb503

    • SHA1

      99538a6f27c39017c1d4748c39e379874c57c2ce

    • SHA256

      89202efc43edc8ede0987ff2c989a018af747781566a988f0fbebc6a779398e8

    • SHA512

      ff6b2d1e87595d3ccbdc7dcc8d4ea395411a8b3aa391163738580790655975efc14a5163265f6392f1f7dc1bc437236d322831ad57c2634286576d4688e09819

    • SSDEEP

      3072:3gQvKINbjvw548LMb/oqKO8NnS8+60Kc/A+:aAbT648LM7D98Np+ER+

    Score
    10/10
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks