General

  • Target

    xlwings-0.31.10-cp38-cp38-win_amd64.whl

  • Size

    1.6MB

  • Sample

    241014-xtl5hsvfqn

  • MD5

    6bcbcd7db01582157ef54b447c02f5c2

  • SHA1

    1edcb95f79687f07fb2f7241a8de738a8b130077

  • SHA256

    1a09dc33b327233b2aa4cfddd0379600153e8d2ccb89b70de1336f1bc2c93c49

  • SHA512

    a11dca905e327e5de9dd3db7f3b4c11b68e5163a122a2978d4e293408c5ab3d06f0395e0556b58770af324baf65d0f9a8da5da18e76c9906a0b46a89502f348a

  • SSDEEP

    49152:NnSBbSGU0rRrCySLz4HydDzKPXOPUYrSsK:EBy0lrBSmyx7PUYjK

Score
8/10

Malware Config

Targets

    • Target

      xlwings-0.31.10-cp38-cp38-win_amd64.whl

    • Size

      1.6MB

    • MD5

      6bcbcd7db01582157ef54b447c02f5c2

    • SHA1

      1edcb95f79687f07fb2f7241a8de738a8b130077

    • SHA256

      1a09dc33b327233b2aa4cfddd0379600153e8d2ccb89b70de1336f1bc2c93c49

    • SHA512

      a11dca905e327e5de9dd3db7f3b4c11b68e5163a122a2978d4e293408c5ab3d06f0395e0556b58770af324baf65d0f9a8da5da18e76c9906a0b46a89502f348a

    • SSDEEP

      49152:NnSBbSGU0rRrCySLz4HydDzKPXOPUYrSsK:EBy0lrBSmyx7PUYjK

    Score
    8/10
    • Suspicious Office macro

      Office document equipped with macros.

    • Target

      xlwings/addin/xlwings.xlam

    • Size

      241KB

    • MD5

      921256fa68924042299a2c7f60068d2f

    • SHA1

      f8694ad6db76ed292b1ae193c46c65060aa8ba39

    • SHA256

      3423a8a1ef6830efbffbb887e23be0c917b40fd894adc740361346f5d3b3eac8

    • SHA512

      afa656a4cd8825e9081f2b446ebf10a3d56922bf7a0f97a8e54e6329a9d2aa3be7a885c36e75d57330728cbc5e1031a0b5bc374a730c337a1d4155fcb6e4fe7c

    • SSDEEP

      6144:OoyXbMSihypExZrT8abfsaY0VwpfJ93BifL8XgaTV/G:WMhxZkazs7pB93BiT8X3TZG

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks