60fc848091eafe401d61c2db10ed05fbe031368b67f6ea444cd249fea64b7e0f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10b5e1076c60457058da585c559d6096.xlsx
Size

12KB
Sample

240105-nykykscab4
MD5

10b5e1076c60457058da585c559d6096
SHA1

22779b8b7cbb0d643bc4f67f7c51ad32de24a014
SHA256

60fc848091eafe401d61c2db10ed05fbe031368b67f6ea444cd249fea64b7e0f
SHA512

bc61f0d2ff58e07d4e392eb980e960047b62c18adca962c36af83b9d54fc59176fc64e287f28ab108c4ce8571ed6acc21684239a0e5959cb36605a51263fa598
SSDEEP

192:tbSEj9NByvR6m+HzmaPYLQQav/1E28+ms1EbOuH:VSEJoRF+HzmaUQQu/1E28Hs1fS

Score

10^/10

macro xlm

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://transfer.sh/get/1p9idor/d.exe

Targets

- Target
  
  10b5e1076c60457058da585c559d6096.xlsx
- Size
  
  12KB
- MD5
  
  10b5e1076c60457058da585c559d6096
- SHA1
  
  22779b8b7cbb0d643bc4f67f7c51ad32de24a014
- SHA256
  
  60fc848091eafe401d61c2db10ed05fbe031368b67f6ea444cd249fea64b7e0f
- SHA512
  
  bc61f0d2ff58e07d4e392eb980e960047b62c18adca962c36af83b9d54fc59176fc64e287f28ab108c4ce8571ed6acc21684239a0e5959cb36605a51263fa598
- SSDEEP
  
  192:tbSEj9NByvR6m+HzmaPYLQQav/1E28+ms1EbOuH:VSEJoRF+HzmaUQQu/1E28Hs1fS
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2