General

  • Target

    70bd0142f6f2aeef9cd3364a6505bea5

  • Size

    36KB

  • Sample

    231226-qbhk2sfbdm

  • MD5

    70bd0142f6f2aeef9cd3364a6505bea5

  • SHA1

    11020a05173c3c325fb7f61f879c413d3837285c

  • SHA256

    3553f8a419381839e8380d87fea969fafaf6ddeef21cec2017c8c0535ec34d8f

  • SHA512

    239788007aeca08c99c3178bf1440c5a950b282134e8a0b590f0723704ec6628dfb1f59f83e96e1c9ba8472e1087bb53c5616c390f9a9609ba0d4d6a9a26d8fa

  • SSDEEP

    768:FPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJPcrx8xRuKiymQPh:tok3hbdlylKsgqopeJBWhZFGkE+cL2NO

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://skill.fashion/wp-data.php

xlm40.dropper

https://syracuse.best/wp-data.php

Targets

    • Target

      70bd0142f6f2aeef9cd3364a6505bea5

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
