Overview

overview

10

Static

static

8

ba710144fe...b0.xls

windows7-x64

10

ba710144fe...b0.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ba710144fe573f6205cb980b3dfceccf064614742cd222ab0a7f17681296b3b0

  • Size

    50KB

  • Sample

    241120-vsr82avkar

  • MD5

    fd02e2ce0a39e08c1f2afbf57f441875

  • SHA1

    c81059a549d6c9db9b88a72a2ba5875e62eb3b1a

  • SHA256

    ba710144fe573f6205cb980b3dfceccf064614742cd222ab0a7f17681296b3b0

  • SHA512

    8027c60c7ef2e7496da474fd7a0be419aee4349fce57e2edf3c212177761e436203e5887280146ed817c91889d2378f766c907577f31a87e7a2b734e30db41b9

  • SSDEEP

    1536:8RKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM+E43SaU3hzT:KKpb8rGYrMPe3q7Q0XV5xtezE8vG8UMr

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://bvirtual.com/affinita/ryXUZdAHcNNEG/
xlm40.dropper

https://bulldogironworksllc.com/temp/32930RoofbdmQ0r/
xlm40.dropper

https://www.almoeqatar.com/cgi-bin/qoOYPhlkRGnBClmNu5I/
xlm40.dropper

https://bosny.com/aspnet_client/UZlstV/
xlm40.dropper

http://mulmatdol.com/adm/Semrx6pQ/
xlm40.dropper

http://escgayrimenkul.com/cgi-bin/RuqpDmm/

Targets

    • Target

      ba710144fe573f6205cb980b3dfceccf064614742cd222ab0a7f17681296b3b0

    • Size

      50KB

    • MD5

      fd02e2ce0a39e08c1f2afbf57f441875

    • SHA1

      c81059a549d6c9db9b88a72a2ba5875e62eb3b1a

    • SHA256

      ba710144fe573f6205cb980b3dfceccf064614742cd222ab0a7f17681296b3b0

    • SHA512

      8027c60c7ef2e7496da474fd7a0be419aee4349fce57e2edf3c212177761e436203e5887280146ed817c91889d2378f766c907577f31a87e7a2b734e30db41b9

    • SSDEEP

      1536:8RKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM+E43SaU3hzT:KKpb8rGYrMPe3q7Q0XV5xtezE8vG8UMr

    Score
    10/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks