[0day] Abusing XLM Macros in SYLK Files
Tags
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | f1750b23-961c-40e0-bd16-3f2d387eae30 |
| Fingerprint | 2c004a151e873f07 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 3, 2019, midnight |
| Added to db | Oct. 22, 2023, 10:30 p.m. |
| Last updated | Nov. 17, 2024, 6:30 p.m. |
| Headline | UNKNOWN |
| Title | [0day] Abusing XLM Macros in SYLK Files |
| Detected Hints/Tags/Attributes | 44/1/14 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Redirection | https://objective-see.com/blog/blog_0x50.html |
| Details | Source | https://objective-see.org/blog/blog_0x50.html |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 186 | ✔ | Objective-See's Blog | https://objective-see.org/rss.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CERT CC Vulnerability Notes Database | 1 | VU#125336 |
|
| Details | Domain | 27 | com.microsoft |
|
| Details | Domain | 2 | public.data |
|
| Details | Domain | 2 | excel.app |
|
| Details | Domain | 25 | calculator.app |
|
| Details | Domain | 3 | com.apple.security.app |
|
| Details | Domain | 359 | com.apple |
|
| Details | Domain | 2 | ubf8t346g9.com.microsoft |
|
| Details | Domain | 5 | eclecticlight.co |
|
| Details | File | 1 | excel.slk |
|
| Details | File | 3 | public.dat |
|
| Details | File | 130 | info.pl |
|
| Details | File | 1 | poc.slk |
|
| Details | Url | 1 | https://eclecticlight.co/2019/06/12/grokking-gatekeeper-in-catalina |