65729efe38fc2e9d5a8cecd683354dc7beedc24ffbda970f0a179949c4d0ff71 | Triage

Sharing

General

Target

catalog-2142417111.zip
Size

50KB
Sample

210513-492757ft8a
MD5

886a23f113eb4100649680cd014734fe
SHA1

dc55006ffa68cdec52741a2b40f2aa011bb59323
SHA256

65729efe38fc2e9d5a8cecd683354dc7beedc24ffbda970f0a179949c4d0ff71
SHA512

ca6f9c2762ca87d1009aef92b1c8a0f0edac12f68c15d203c8253e8e2123c6a6a5e60bddff8ece28b8b6ff27b3ceea065840de8cdc44b7617c2fac3cb4d36938

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-2142417111.xls
- Size
  
  367KB
- MD5
  
  2f69b6df92e4ab2b7ae631fe788bebd3
- SHA1
  
  f730090181af24ffd298abfbdf5f8c462daa6c28
- SHA256
  
  ce6bec2a8ad06b5152f727111993341f7b408747013d9050e1352c8e3ec68119
- SHA512
  
  74124fd2c29799bacbe9bdde78f7fcdd412a7807a6ea6964b539778d8d135e9143598950338f5a9007d4eb98e5e5f4e9edd99e9ef2a3315a62a5d6929126ee80
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2