General

  • Target

    3141720b7956b85d9fb77c0d7713efd8fe8b7aaff41cbdc3ae5fe92e70a59a1b

  • Size

    50KB

  • Sample

    241120-p81mfswhqf

  • MD5

    f4c4091b53e82a52814df1f068af712d

  • SHA1

    18f4b51e4d6092ff52dc749d495c8fee5d286511

  • SHA256

    3141720b7956b85d9fb77c0d7713efd8fe8b7aaff41cbdc3ae5fe92e70a59a1b

  • SHA512

    2f8c5e54090b02c2da7a98bcd16f162c44a0d2c0ab0e20288d2bd4528278de474990e5b40fb026f0e86c5254ad65296421eab907d0700e3d7b76127410add193

  • SSDEEP

    1536:8RKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM+E43SaU3hzf:KKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM3

Score
10/10

Malware Config

Extracted

Language: xlm4.0

Source          URLs
xlm40.dropper   https://bvirtual.com/affinita/ryXUZdAHcNNEG/
xlm40.dropper   https://bulldogironworksllc.com/temp/32930RoofbdmQ0r/
xlm40.dropper   https://www.almoeqatar.com/cgi-bin/qoOYPhlkRGnBClmNu5I/
xlm40.dropper   https://bosny.com/aspnet_client/UZlstV/
xlm40.dropper   http://mulmatdol.com/adm/Semrx6pQ/
xlm40.dropper   http://escgayrimenkul.com/cgi-bin/RuqpDmm/

