c1685fc32fdaeff29f5f01755925459749849392246985251f39aafd98fc36d9 | Triage

Sharing

General

Target

catalog-2052649991.zip
Size

50KB
Sample

210513-6p5mzhcar2
MD5

66cf94ee5219bcb3bbeda1728ec6e2be
SHA1

2cb3fe7076864ee233928fdce7608a83945694af
SHA256

c1685fc32fdaeff29f5f01755925459749849392246985251f39aafd98fc36d9
SHA512

a7b934a0fc22be51419b6e3211644298d1a357584a1e51182102ec71ed7a45ee267369a63674305d849d5c0b17a1dfa640bbf50b24a52c799f10aa2bcab13b14

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-2052649991.xls
- Size
  
  367KB
- MD5
  
  36aac2f3e5592b10edb298273512d27b
- SHA1
  
  ed9c7f93dea5310722139ede02bdce992405b61d
- SHA256
  
  926233fe3d3366dca1b54637c328c02dac9736522ad4119d36da0921b122d12a
- SHA512
  
  dc559017e45140a5f4bbe8f135759b87f129ea2ed8e310886f89e65621bc0d77d7ea79148e0a0d482a9b254bb6608a34ce12d421ec976ef10c57f023e4bb1225
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2