Overview

overview

10

Static

static

8

60b394d731...fb.xls

windows7-x64

10

60b394d731...fb.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    60b394d7311f20c315f9deaf5f7baf58eacfa87516e5c7d69ae7832986c5b6fb

  • Size

    126KB

  • Sample

    241120-2tzg3avdlh

  • MD5

    e247aaa372031fc38e6ba1896ff475b0

  • SHA1

    c0c614584b737d95ac8d7aeea5f21825936a5351

  • SHA256

    60b394d7311f20c315f9deaf5f7baf58eacfa87516e5c7d69ae7832986c5b6fb

  • SHA512

    56fe7189a26896dc7c048b188f4dcce118c5b3b7919f5ac20dfb1c2e1a810020560a3880ba56938b4bf590b78238ab1431137d55390a22fc3d589f94e89cc5ba

  • SSDEEP

    3072:LsKpbdrHYrMue8q7QPX+5xtekEdi8/dgR3Syz+nzQIceCRlC9:QKpbdrHYrMue8q7QPX+5xtFEdi8/dgRc

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://med.devsrm.com/wp-content/gtOOTHi3zkUbn8U6/
xlm40.dropper

http://izytalab.com/includes/1mafAX0kOa/
xlm40.dropper

https://pcsolutionss.com/zSlT4HR92TiOpw5NM/
xlm40.dropper

http://www.doctorcasenave.com/wp-content/O2Z1HMebIXiHYBBS/
xlm40.dropper

https://wpl28.realtyna.com/wp-content/0b0ny5cPM/
xlm40.dropper

http://www.efcballjoint.com/Template/AxEZPOfAa9/

Targets

    • Target

      60b394d7311f20c315f9deaf5f7baf58eacfa87516e5c7d69ae7832986c5b6fb

    • Size

      126KB

    • MD5

      e247aaa372031fc38e6ba1896ff475b0

    • SHA1

      c0c614584b737d95ac8d7aeea5f21825936a5351

    • SHA256

      60b394d7311f20c315f9deaf5f7baf58eacfa87516e5c7d69ae7832986c5b6fb

    • SHA512

      56fe7189a26896dc7c048b188f4dcce118c5b3b7919f5ac20dfb1c2e1a810020560a3880ba56938b4bf590b78238ab1431137d55390a22fc3d589f94e89cc5ba

    • SSDEEP

      3072:LsKpbdrHYrMue8q7QPX+5xtekEdi8/dgR3Syz+nzQIceCRlC9:QKpbdrHYrMue8q7QPX+5xtFEdi8/dgRc

    Score
    10/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks