Overview

overview

10

Static

static

8

e2b487d7ff...83.xls

windows7-x64

10

e2b487d7ff...83.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e2b487d7ff1c36cd7030aa9accb61b4b1700e132a81df5ff4a96e54beb0e6b83

  • Size

    70KB

  • Sample

    241120-ktgtksyqek

  • MD5

    dbcb67132bb873390c8eac326957ffef

  • SHA1

    ba6040128e7780664427497655a777641f07b330

  • SHA256

    e2b487d7ff1c36cd7030aa9accb61b4b1700e132a81df5ff4a96e54beb0e6b83

  • SHA512

    2418f3e273d549ccec67e74538b61aa5b3577cdd9969504898bbc56d9a56e5798c721e7c332c95218d82baa808a8c668f8f7b5885828073753640594faee135c

  • SSDEEP

    1536:tOKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM+1YW/ESKQHS1yXJFa5etSv:AKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM5

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://congtycamvinh.com/plugins/jG3iqpQaTL1TXYMolH/
xlm40.dropper

http://ecube.com.mx/e2oCWBnC/6wp2K4sfQmVIRy6ZvdiH/
xlm40.dropper

http://dulichdichvu.net/libraries/6vhzwoZoNDSMtSC/
xlm40.dropper

http://gnif.org/administrator/G68HwUGlKNJNU2vh5cz/
xlm40.dropper

https://edoraseguros.com.br/cgi-bin/l7ZERv5deNsfzlZUZ/
xlm40.dropper

https://sanoma.allrent.nl/cgi-bin/KXbI5OhLJ/

Targets

    • Target

      e2b487d7ff1c36cd7030aa9accb61b4b1700e132a81df5ff4a96e54beb0e6b83

    • Size

      70KB

    • MD5

      dbcb67132bb873390c8eac326957ffef

    • SHA1

      ba6040128e7780664427497655a777641f07b330

    • SHA256

      e2b487d7ff1c36cd7030aa9accb61b4b1700e132a81df5ff4a96e54beb0e6b83

    • SHA512

      2418f3e273d549ccec67e74538b61aa5b3577cdd9969504898bbc56d9a56e5798c721e7c332c95218d82baa808a8c668f8f7b5885828073753640594faee135c

    • SSDEEP

      1536:tOKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM+1YW/ESKQHS1yXJFa5etSv:AKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM5

    Score
    10/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks