General

  • Target

    e1453314477dc3efeaa35256cdc53444f3ee90798c23f4a2d75a7f6fba831c15

  • Size

    96KB

  • Sample

    241120-z5hmksthpn

  • MD5

    7a0e407e4ef7428c9ff36d93f4180069

  • SHA1

    c423e85cfe92f2684a46978e61f6a474ca4c7228

  • SHA256

    e1453314477dc3efeaa35256cdc53444f3ee90798c23f4a2d75a7f6fba831c15

  • SHA512

    bd4cb6fed2caee0eb70445de28835f106425bac7962ff55faafd85c9ef7f044143704f738960a41da309e0af4122082e92e4ec2bc72dc818891dc86e3125078c

  • SSDEEP

    1536:WkKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgNHuS4hcTO97v7UYdEJmOux:JKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg8

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://aysbody.com/catalog/fKIbKAcI81pVn/

xlm40.dropper

http://www.birebiregitim.net/wp-includes/mpaZ6zBj3IAJcx/

xlm40.dropper

http://fashionbyprincessmelodicaah.com/4185PINT/79YtAbiNx92iI/

xlm40.dropper

https://pccurico.cl/wp-admin/x3kyR3u8ARXStL7/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
