Overview

overview

10

Static

static

8

595c4b8345...c7.xls

windows7-x64

10

595c4b8345...c7.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    595c4b83458b6acae4abe3433f8b16ea7b46d0ca22ad225e64955fc7412359c7

  • Size

    126KB

  • Sample

    241120-t5l24stqaq

  • MD5

    80d71c4095c7b253fb542523ee920c90

  • SHA1

    c7b03cf93cf2abcebbb4edfb4e51ee654e01b5dd

  • SHA256

    595c4b83458b6acae4abe3433f8b16ea7b46d0ca22ad225e64955fc7412359c7

  • SHA512

    ccc421dad369f64aec16feadc673a677814c4057f9368daf5f4a8c126f5b67ae1e9be9830b606e71f2f3b5e3826f6501bd5b2cc357ffb437b82dbc7422d23463

  • SSDEEP

    3072:LsKpbdrHYrMue8q7QPX+5xtekEdi8/dgR3Syz+nzQIceCRlCB:QKpbdrHYrMue8q7QPX+5xtFEdi8/dgRI

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://med.devsrm.com/wp-content/gtOOTHi3zkUbn8U6/
xlm40.dropper

http://izytalab.com/includes/1mafAX0kOa/
xlm40.dropper

https://pcsolutionss.com/zSlT4HR92TiOpw5NM/
xlm40.dropper

http://www.doctorcasenave.com/wp-content/O2Z1HMebIXiHYBBS/
xlm40.dropper

https://wpl28.realtyna.com/wp-content/0b0ny5cPM/
xlm40.dropper

http://www.efcballjoint.com/Template/AxEZPOfAa9/

Targets

    • Target

      595c4b83458b6acae4abe3433f8b16ea7b46d0ca22ad225e64955fc7412359c7

    • Size

      126KB

    • MD5

      80d71c4095c7b253fb542523ee920c90

    • SHA1

      c7b03cf93cf2abcebbb4edfb4e51ee654e01b5dd

    • SHA256

      595c4b83458b6acae4abe3433f8b16ea7b46d0ca22ad225e64955fc7412359c7

    • SHA512

      ccc421dad369f64aec16feadc673a677814c4057f9368daf5f4a8c126f5b67ae1e9be9830b606e71f2f3b5e3826f6501bd5b2cc357ffb437b82dbc7422d23463

    • SSDEEP

      3072:LsKpbdrHYrMue8q7QPX+5xtekEdi8/dgR3Syz+nzQIceCRlCB:QKpbdrHYrMue8q7QPX+5xtFEdi8/dgRI

    Score
    10/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks