Overview

overview

10

Static

static

8

4322d95ab4...29.xls

windows7-x64

10

4322d95ab4...29.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4322d95ab424af6c4e6e11bb06f675b7377a7a4604752b12ceeca4b0e0903c29

  • Size

    40KB

  • Sample

    241120-rpn6esycqq

  • MD5

    275b6626d42425801c2c672959425ccf

  • SHA1

    97646cb15fd15cc74394c59eac38dcb408f593f5

  • SHA256

    4322d95ab424af6c4e6e11bb06f675b7377a7a4604752b12ceeca4b0e0903c29

  • SHA512

    0eac808c6fc9da489c86a45e661f7f819aca28a50f86c7ada6f3c7dbd14379ee5b6caed3ed386c827b2c6dcbf391e22d1e608b27a1d3d92c5944bfec6712a258

  • SSDEEP

    768:pkZKpb8rGYrMPe3q7Q0XV5xtezEs/68/dgA9CBn9kC+xbPcfmBqGOtwvcVoclE:p+Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dV

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://jimlowry.com/9tag/Mv2ZYY61NBOf8/
xlm40.dropper

http://stainedglassexpress.com/classes/veV/
xlm40.dropper

https://n-process.jp/base/HPH/
xlm40.dropper

http://www.4-hzim.org.zw/language/anCpC49vTB4/
xlm40.dropper

http://salledemode.com/tgroup.ge/6USqthYYyIPw4V/
xlm40.dropper

http://poiterdesign.eu/huur/nc/

Targets

    • Target

      4322d95ab424af6c4e6e11bb06f675b7377a7a4604752b12ceeca4b0e0903c29

    • Size

      40KB

    • MD5

      275b6626d42425801c2c672959425ccf

    • SHA1

      97646cb15fd15cc74394c59eac38dcb408f593f5

    • SHA256

      4322d95ab424af6c4e6e11bb06f675b7377a7a4604752b12ceeca4b0e0903c29

    • SHA512

      0eac808c6fc9da489c86a45e661f7f819aca28a50f86c7ada6f3c7dbd14379ee5b6caed3ed386c827b2c6dcbf391e22d1e608b27a1d3d92c5944bfec6712a258

    • SSDEEP

      768:pkZKpb8rGYrMPe3q7Q0XV5xtezEs/68/dgA9CBn9kC+xbPcfmBqGOtwvcVoclE:p+Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dV

    Score
    10/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks