Overview

overview

10

Static

static

8

b40788b5d2...a2.xls

windows7-x64

10

b40788b5d2...a2.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b40788b5d2ec7b1478c3914c8e8abe77a360ad6ef1d7da5993149825d5e248a2

  • Size

    126KB

  • Sample

    241120-wr9bla1fjj

  • MD5

    88fe8f12591c8cd0dfc26effd104d65f

  • SHA1

    6c2838640b6543e7aecbd433657cd12e6e251e4c

  • SHA256

    b40788b5d2ec7b1478c3914c8e8abe77a360ad6ef1d7da5993149825d5e248a2

  • SHA512

    61424e76a9b278e6f6471ee490b0f9cd8f97da7c9fc8d7d61fbdbf989aa6459709ae47059315da5846f121aaf92de29c49dff94089e69a691a8afa889ba7b353

  • SSDEEP

    3072:EsKpbdrHYrMue8q7QPX+5xtekEdi8/dgj3Siz+3z4Icu6hlCI:7KpbdrHYrMue8q7QPX+5xtFEdi8/dgjZ

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://www.forensisbilisim.com/ankara/bplsmKfaKAwAyavNj/
xlm40.dropper

https://www.faitmaison.uk/wp-admin/BZMoK/
xlm40.dropper

http://www.fahriefe.com.tr/yargitaykararlari/aVg/
xlm40.dropper

http://www.parapetyrs.cz/wp-content/uploads/UTnG7GKKkZf/
xlm40.dropper

https://www.whow.fr/wp-includes/aZo78JmHBoEmW6fVQ/
xlm40.dropper

http://www.drcno.sk/_sub/FcEgwPugDI7wr2/

Targets

    • Target

      b40788b5d2ec7b1478c3914c8e8abe77a360ad6ef1d7da5993149825d5e248a2

    • Size

      126KB

    • MD5

      88fe8f12591c8cd0dfc26effd104d65f

    • SHA1

      6c2838640b6543e7aecbd433657cd12e6e251e4c

    • SHA256

      b40788b5d2ec7b1478c3914c8e8abe77a360ad6ef1d7da5993149825d5e248a2

    • SHA512

      61424e76a9b278e6f6471ee490b0f9cd8f97da7c9fc8d7d61fbdbf989aa6459709ae47059315da5846f121aaf92de29c49dff94089e69a691a8afa889ba7b353

    • SSDEEP

      3072:EsKpbdrHYrMue8q7QPX+5xtekEdi8/dgj3Siz+3z4Icu6hlCI:7KpbdrHYrMue8q7QPX+5xtFEdi8/dgjZ

    Score
    10/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks