Overview

overview

10

Static

static

8

5c2a9e3b1d...6a.xls

windows7-x64

10

5c2a9e3b1d...6a.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0e873197ae696b958d48f006cbc8d939a2cfcb65466368494dfcc4ea61d92b6a

  • Size

    42KB

  • Sample

    241120-dnbbaazfmk

  • MD5

    b0e387d2a3224b4eb8f14c1d1679e1d6

  • SHA1

    0ead898aa41b8a53b083725962c1961247ceb2e1

  • SHA256

    0e873197ae696b958d48f006cbc8d939a2cfcb65466368494dfcc4ea61d92b6a

  • SHA512

    f5e42d17d0b004dab6e68966be98c274a0a30f90a5d9f30cf7fa2c1f43d5e4f920c91da41db087d4dabf0086cd2ff7df0f70cf0419ba14125599cca5de8a2d1e

  • SSDEEP

    768:XzfqlypKctmsNNzBVW0yqo/B1f6kgjoYNEk5DVPGHvefvxkynGo3jBFpC0ymGS6/:XumVyTH/ORH5DNGHSGoTHpF6GW3oyzgk

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://microlent.com/admin/GgoC/
xlm40.dropper

http://mississaugataxi.com/wp-admin/KVoCiQwgjrtavei4x/
xlm40.dropper

http://mivaria.com/owl-carousel/E6pKFPlGuUW3/
xlm40.dropper

http://www.mobilhondabandung.net/ssti/yYrvmJgjpFHHe/
xlm40.dropper

http://elamurray.com/cgi-bin/sPgG8g/
xlm40.dropper

http://mgmeurope.sk/dwl/rrqU9XYAzgAVneYOhI/

Targets

    • Target

      5c2a9e3b1d3063e986fc1b15a4b5633fce6fede8256b399e52899c49dcd8d16a

    • Size

      73KB

    • MD5

      f2da11e637ebd62e41982a39f9d176ad

    • SHA1

      cbba9d248912d0d36312f79fb0849aa7dfaeb9f5

    • SHA256

      5c2a9e3b1d3063e986fc1b15a4b5633fce6fede8256b399e52899c49dcd8d16a

    • SHA512

      d86e4f3a122067b84230e3386b2a8eed38c41edf0f94ab2885936a4e4edeadcf324d0407f6d0ad612d0ee318025fe8387180c2882d5037ad2016d58725ceb3e8

    • SSDEEP

      1536:DaKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgjAezwrMC1vJec/RtbIHjz:eKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgL

    Score
    10/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks