13294b459f5818173f0eddd6e90f6737b8e5c0ef0f83eac4766f7e902558f010

General

Target

44bf9208061fc6ffa4a54bd7dd501555
Size

233KB
Sample

231219-r1yh8sfggq
MD5

44bf9208061fc6ffa4a54bd7dd501555
SHA1

51db6d6d78e22361310d527d8a457d21650ecb75
SHA256

13294b459f5818173f0eddd6e90f6737b8e5c0ef0f83eac4766f7e902558f010
SHA512

07587e386175f41230863e19ca180bd8772973670148b3c6a2a600ac17aa34a6b42fc83aed17f7db204c621659c496e6902134e415796ec6034a9692304b6256
SSDEEP

6144:9Kpb8rGYrMPe3q7Q0XV5xtuEsi8/dgC93WPcZZRRrq1RObTwvOkPDklgvS3+nQ7D:B93tDrmcbTwvzD63fLvfP1GO1

Score

10^/10

macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://maxdigitizing.com/wAbCNMUm/pp.html

xlm40.dropper

https://turnipshop.com/ihiRzoi1/pp.html

xlm40.dropper

https://dynamiclifts.co.in/1PWQQcv0D/pp.html%20

Targets

- Target
  
  44bf9208061fc6ffa4a54bd7dd501555
- Size
  
  233KB
- MD5
  
  44bf9208061fc6ffa4a54bd7dd501555
- SHA1
  
  51db6d6d78e22361310d527d8a457d21650ecb75
- SHA256
  
  13294b459f5818173f0eddd6e90f6737b8e5c0ef0f83eac4766f7e902558f010
- SHA512
  
  07587e386175f41230863e19ca180bd8772973670148b3c6a2a600ac17aa34a6b42fc83aed17f7db204c621659c496e6902134e415796ec6034a9692304b6256
- SSDEEP
  
  6144:9Kpb8rGYrMPe3q7Q0XV5xtuEsi8/dgC93WPcZZRRrq1RObTwvOkPDklgvS3+nQ7D:B93tDrmcbTwvzD63fLvfP1GO1
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Process spawned unexpected child process

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2