General

  • Target

    2367489958bcab574a748c05e26b0e2e525d517f3c69915aec0ba5d25b00e5ae

  • Size

    70KB

  • Sample

    241120-l5wybazmcl

  • MD5

    5b51a362e989e0af3e7f2e080d88770f

  • SHA1

    e77c6f647c9b7fdfacd7e9177f46d4dd0ff26982

  • SHA256

    2367489958bcab574a748c05e26b0e2e525d517f3c69915aec0ba5d25b00e5ae

  • SHA512

    c5cf8cab5e9b96dc22e440d977afeb27506f777db1ed850c8335950adc952d9da1744d396b65c4b50463eec6bacc1a42158b60f0cd40996043f8241a01323cdd

  • SSDEEP

    1536:5+Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgZYW/ESKQHS1yXJFaGqEEc:kKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg9

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

MITRE ATT&CK Enterprise v15

Tasks