Overview

overview

10

Static

static

8

a483632338...aa.xls

windows7-x64

10

a483632338...aa.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a483632338b37efa305cc82d86fc8666604220d0e70c369122f4643feb21a5aa

  • Size

    70KB

  • Sample

    241120-nzesysxalq

  • MD5

    04b610f54ed4150e53c244d95b5d59ed

  • SHA1

    a7ada5a84acd9c50b329f470ca1f1a4a6d511b4d

  • SHA256

    a483632338b37efa305cc82d86fc8666604220d0e70c369122f4643feb21a5aa

  • SHA512

    c066f7003376c42b2b0e517a3b130782f501568c54b3c6f196fcf6acd563b2fb18d704698e7e28760d8c2858965746439fa8827befdb3034b8e6a94b571da912

  • SSDEEP

    1536:5+Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgAYW/ESKQHS1yXJFadK0VB:kKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgv

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://farschid.de/verkaufsberater_service/OZRw36a2y1CH2clUzY/
xlm40.dropper

http://77homolog.com.br/dev-jealves/GP55wbYNXnp6/
xlm40.dropper

http://geowf.ge/templates/pJRea3Iu3wG/
xlm40.dropper

http://h63402x4.beget.tech/bin/wl0ENiE3BhELXV6V/
xlm40.dropper

http://ecoarch.com.tw/cgi-bin/E/
xlm40.dropper

https://galaxy-catering.com.vn/galxy/Fg1vvhlYJ/

Targets

    • Target

      a483632338b37efa305cc82d86fc8666604220d0e70c369122f4643feb21a5aa

    • Size

      70KB

    • MD5

      04b610f54ed4150e53c244d95b5d59ed

    • SHA1

      a7ada5a84acd9c50b329f470ca1f1a4a6d511b4d

    • SHA256

      a483632338b37efa305cc82d86fc8666604220d0e70c369122f4643feb21a5aa

    • SHA512

      c066f7003376c42b2b0e517a3b130782f501568c54b3c6f196fcf6acd563b2fb18d704698e7e28760d8c2858965746439fa8827befdb3034b8e6a94b571da912

    • SSDEEP

      1536:5+Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgAYW/ESKQHS1yXJFadK0VB:kKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgv

    Score
    10/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks