777b850c122424e802df6b6e0a93d18b40e13c54e0a0d326f2d9db7ff396cf5b | Triage

Sharing

General

Target

catalog-2082929296.zip
Size

50KB
Sample

210513-5tlrn5g1k6
MD5

90a894dfaa0d824ebb0c61e77f51a17b
SHA1

a3a7e55becad65fa59920b37b596b8d10e0f5689
SHA256

777b850c122424e802df6b6e0a93d18b40e13c54e0a0d326f2d9db7ff396cf5b
SHA512

7697a8d3aade94a61a29099439fd59f69fb3a2a527ec824cf4b28959e357a1f29ff0c907d5e841a32dccc71781896b272b3e06973f1f32eb51facace0421f768

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-2082929296.xls
- Size
  
  367KB
- MD5
  
  9c52e1922876f183d5773bb43aa1098f
- SHA1
  
  b66ffed86390c1118fa1dda817bba834b77b29ea
- SHA256
  
  6a8d2ba386a5541a725e0a6db00900a4fb8f1feb654531ec3d50e0432357aa56
- SHA512
  
  612d214c2851f05cc4bd2023c43e61be03975c5a94018b6b1e89dcccec756c060f526399578ddb0841b65f2edbda22a93e04f4f73c70e769c40092fb9bdf268a
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2