General
-
Target
21509e892c4ef6e47bd2fe0d2290b20e48e4680f2f3537f12a061cd5912b1cac
-
Size
218KB
-
Sample
201028-jp1g7hayj2
-
MD5
8d7f667c5911d8e6c24bcbdbfe56b497
-
SHA1
e13f9c603441f701c0ca9a53bb9b69eb5cb071a9
-
SHA256
21509e892c4ef6e47bd2fe0d2290b20e48e4680f2f3537f12a061cd5912b1cac
-
SHA512
cc60e5138a4f1ff38329f30507a2840550758ca1bc0469f9c347ed735eb55b9af8ae69eb0dd646d4a22189e38812a6b386d66c7df3a25d3d770297556993b9e0
Malware Config
Extracted
https://www.saintmarcel.com/wp-includes/VKbL2/
https://gayatrienterprise.org/wp-admin/DPBsj/
https://weparditestaa.fi/wp-admin/72uPk/
https://blog.6b47.com/Assets/w5U/
https://www.easeiseasy.com/wp-admin/q/
https://ursuperstar.com/wp-admin/AAxKlbV/
https://kramedas.lt/wp-admin/E9Gciyc/
https://critical-thinking.fr/wp-includes/vHQWren/
Targets
-
-
Target
21509e892c4ef6e47bd2fe0d2290b20e48e4680f2f3537f12a061cd5912b1cac
-
Size
218KB
-
MD5
8d7f667c5911d8e6c24bcbdbfe56b497
-
SHA1
e13f9c603441f701c0ca9a53bb9b69eb5cb071a9
-
SHA256
21509e892c4ef6e47bd2fe0d2290b20e48e4680f2f3537f12a061cd5912b1cac
-
SHA512
cc60e5138a4f1ff38329f30507a2840550758ca1bc0469f9c347ed735eb55b9af8ae69eb0dd646d4a22189e38812a6b386d66c7df3a25d3d770297556993b9e0
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blacklisted process makes network request
-
Executes dropped EXE
-