Overview

overview

10

Static

static

8

e2dd858562...3c.xls

windows7-x64

10

e2dd858562...3c.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e2dd858562254ad599d9b2394e8c791ff815b52336671caf6bd9f49a24a91f3c

  • Size

    101KB

  • Sample

    241120-1qpysaynbl

  • MD5

    bf181c10b3250c1df357cf5734c960a1

  • SHA1

    98fb0ebbe314962a5f54e50e8995a45d5c6de389

  • SHA256

    e2dd858562254ad599d9b2394e8c791ff815b52336671caf6bd9f49a24a91f3c

  • SHA512

    7333d8ad009ae66978780747d46c77c5ed29a1bc67d7ebdb4a130a4aedee706250f044a91b2310bf6acfc177354b4c32ecca55898dfdc4da4a55a73d76f865c5

  • SSDEEP

    3072:RKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM+/bOZzbqkn6RND9fxuss8OG:RKpb8rGYrMPe3q7Q0XV5xtuE8vG8UM+/

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://decorusfinancial.com/wp-content/7dODakeZZ83fJi/
xlm40.dropper

https://e-kinerja.ntbprov.go.id/aset/sAeaEvaSxGhvnsuFE/
xlm40.dropper

http://facts-jo.com/init/jLQY2FpesnIGi0qHqz/
xlm40.dropper

http://fashionbyprincessmelodicaah.com/4185PINT/jwh2cwjFHLZL/
xlm40.dropper

http://easiercommunications.com/wp-content/yqNxi8IKbRIt7akB/

Targets

    • Target

      e2dd858562254ad599d9b2394e8c791ff815b52336671caf6bd9f49a24a91f3c

    • Size

      101KB

    • MD5

      bf181c10b3250c1df357cf5734c960a1

    • SHA1

      98fb0ebbe314962a5f54e50e8995a45d5c6de389

    • SHA256

      e2dd858562254ad599d9b2394e8c791ff815b52336671caf6bd9f49a24a91f3c

    • SHA512

      7333d8ad009ae66978780747d46c77c5ed29a1bc67d7ebdb4a130a4aedee706250f044a91b2310bf6acfc177354b4c32ecca55898dfdc4da4a55a73d76f865c5

    • SSDEEP

      3072:RKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM+/bOZzbqkn6RND9fxuss8OG:RKpb8rGYrMPe3q7Q0XV5xtuE8vG8UM+/

    Score
    10/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks