Overview

overview

10

Static

static

8

11345d8a92...42.xls

windows7-x64

10

11345d8a92...42.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11345d8a929cf5279d698720165a50d383b0882f712cf38ebceb445cef692342

  • Size

    40KB

  • Sample

    241120-mf6lwszncn

  • MD5

    e47b8c6732fa6af076ba129c344fbeb3

  • SHA1

    b5219f2c5f8820a4b49aac303930b7a2d1ef457a

  • SHA256

    11345d8a929cf5279d698720165a50d383b0882f712cf38ebceb445cef692342

  • SHA512

    ccf15f5504f386e8f72a80b215fc761cad442aa49de07c80caf6e23cb5e34767f69ff019343fb0349f163c140e6b49914c69505d319a06c7c53377c9306a61ea

  • SSDEEP

    768:pkZKpb8rGYrMPe3q7Q0XV5xtezEs/68/dgA9CBn9kC+xbPcfmBqGOtwvcVocl0:p+Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dV

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://jimlowry.com/9tag/Mv2ZYY61NBOf8/
xlm40.dropper

http://stainedglassexpress.com/classes/veV/
xlm40.dropper

https://n-process.jp/base/HPH/
xlm40.dropper

http://www.4-hzim.org.zw/language/anCpC49vTB4/
xlm40.dropper

http://salledemode.com/tgroup.ge/6USqthYYyIPw4V/
xlm40.dropper

http://poiterdesign.eu/huur/nc/

Targets

    • Target

      11345d8a929cf5279d698720165a50d383b0882f712cf38ebceb445cef692342

    • Size

      40KB

    • MD5

      e47b8c6732fa6af076ba129c344fbeb3

    • SHA1

      b5219f2c5f8820a4b49aac303930b7a2d1ef457a

    • SHA256

      11345d8a929cf5279d698720165a50d383b0882f712cf38ebceb445cef692342

    • SHA512

      ccf15f5504f386e8f72a80b215fc761cad442aa49de07c80caf6e23cb5e34767f69ff019343fb0349f163c140e6b49914c69505d319a06c7c53377c9306a61ea

    • SSDEEP

      768:pkZKpb8rGYrMPe3q7Q0XV5xtezEs/68/dgA9CBn9kC+xbPcfmBqGOtwvcVocl0:p+Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dV

    Score
    10/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks