Overview

overview

10

Static

static

catalog-20...63.xls

windows7_x64

10

catalog-20...63.xls

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    catalog-2078303863.zip

  • Size

    50KB

  • Sample

    210513-4grhrxjyps

  • MD5

    734137068dfc58fc9e223bd8367a4e83

  • SHA1

    86b3632646a0e3edee1df5b3ba6974adcffdd897

  • SHA256

    690e2805a6aa9691f49335dc15820cb1ae5ba390a69bebe627c31d1ac4153041

  • SHA512

    5480a825a324457f7b00d93a6e12073afc2bfe527653c134b0655ca238794015a5c58cb506c8deb4be4bfabc54ce0f0267fb9aaa24f91f05fcfc512f5405f4d5

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html
xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

    • Target

      catalog-2078303863.xls

    • Size

      367KB

    • MD5

      e23327247bd85149505a3d31708585b7

    • SHA1

      99af576e545b21217641c8ca2ef49b2028715b37

    • SHA256

      a26f8d349c4a429f8a8eb4d3eaecb5366fdbfdb09d39aeba806c58e4a1f8d897

    • SHA512

      dfc74a7eb8f9ae0a9a6427436fa8dde95e07453b7c58bc96e6d01f6ef16c0a39d211283bb00b07e457353c7cbe4d7645cf3d8e178a6115d05b1ecbc2163dcc05

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks