Overview

overview

10

Static

static

8

document-2...69.xls

windows7-x64

10

document-2...69.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    507ccafbc9a5a695fe24dda6bd3e22ef_JaffaCakes118

  • Size

    375KB

  • Sample

    240716-3as2lsvemp

  • MD5

    507ccafbc9a5a695fe24dda6bd3e22ef

  • SHA1

    c728a46c752984e40cd682dc9cbef00e517905d5

  • SHA256

    d64a4bc5a53e92c3c103fc2fb2c36a4e87dee2eed0cf12f3a3ad8d9b1f921d1e

  • SHA512

    2f6325065e41e3dc79f94448ab96f8af784a320a38d2f32dfb07873acad97aae1bf3aa5662731f2b1808030d4533dc473ba5a001c9ca69c347df08f7fe6857e5

  • SSDEEP

    6144:T72PdFVk2fDw/gljuzasZ1Jxog5EXnSksMPIKRFkWns9groUKNrCdl48l3PinRVu:/2fVk2fDwu4ae2g2vsMfPnOgroHNrCdP

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://app.itmagf.com/ds/1702.gif

Targets

    • Target

      document-2009388069.xls

    • Size

      315KB

    • MD5

      5b0b2913a724711bcf2f01821c93d205

    • SHA1

      e64aac1ffe55d90519a489f4eb60b882ea34a10d

    • SHA256

      facad0c1aeb04ece3d6f82cc217cc0a2c256db16bf648cd910d7675de4384178

    • SHA512

      5141aa6b630de453aa95e929afef0d6159d1a063d86cad43a9f43ca73765da3c33a5261ae0023c30ad219b59bd5a5a8e76baef2425cbe7cd097167bdac8f18e8

    • SSDEEP

      6144:VcKoSsxzNDZLDZjlbR868O8KlVH3l+cq7uDphYHceXVhca+fMHLty/xcl8OR4Pio:nWr0IRHM4p+3DavLhQS

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks