General

  • Target

    catalog-239708874.zip

  • Size

    50KB

  • Sample

    210513-42rqa3vdkn

  • MD5

    504a2ee8ff1ad1ffe170b01ced12bc1e

  • SHA1

    0544fe35e42e981da08e40d79b9730f68140f58f

  • SHA256

    02f1bb09eff0e5fce078db68f72a22a17f7f8941b25f7c940ab06ee69db67bb9

  • SHA512

    06c864d2d16a1927c254e08ba4c0bd6dd5b01c93832e6472e53a1279374d7ca027e04cc4d03b9a321d6b10beca9e0fd14e8f0f8c93964573b2ab1dfd8a490aae

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

    • Target

      catalog-239708874.xls

    • Size

      367KB

    • MD5

      13875f29b7ba280e14e6610b11fdcddf

    • SHA1

      48eeb3ed3fb29c9aaf4298c8f3eff4ebda75acd3

    • SHA256

      a01617633840effc51c537ad85e4d98a3e436a93048d8b65d6847dac5db3f669

    • SHA512

      8caecae1bb82dff9e7d106130881ddf5506dc778903def5fc2bcb696d830350413365410afb4895c1d45e16a88adce6582da51b375275c97ca65e97bd535c576

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v6

Tasks