General

  • Target

    d6fb987e802130e7de6d4c6350d52fd88156972cef46c70d41df0fffaab9e6fa

  • Size

    126KB

  • Sample

    241119-x6g2bs1gnk

  • MD5

    6d7e70488b72039ec6b317c295e7c3de

  • SHA1

    251fd3ab45e08e5bf01826f8a7ddf4338831ebd0

  • SHA256

    d6fb987e802130e7de6d4c6350d52fd88156972cef46c70d41df0fffaab9e6fa

  • SHA512

    d2354fe576ae76ce0c6b39edfeec4168037e80ac05a647c884c4346d9cb68522bf6b5b9ab361078ca7c6144b75a4affb60667e1b24d9cad291b98455a76b8dbc

  • SSDEEP

    3072:EsKpbdrHYrMue8q7QPX+5xtekEdi8/dgj3Siz+3z4Icu6hlCo:7KpbdrHYrMue8q7QPX+5xtFEdi8/dgj5

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs

