Overview

overview

10

Static

static

catalog-209882050.xls

windows7_x64

10

catalog-209882050.xls

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    catalog-209882050.zip

  • Size

    50KB

  • Sample

    210513-8tdq5p7f2j

  • MD5

    c748adcd822289dbc6caec1f79cb2d47

  • SHA1

    fb19e5805fe9bdaa1d5f763356ebd3f642de8e26

  • SHA256

    d9145d25e17ecfa0685ddf34aba79603d71817ae676d39cf6d6433b8b91f105f

  • SHA512

    2d80cece01ee00f0b2ddb52d444456342137c63765cbbb2b0cca23cb2fa3c43ed004e427fbe2776eaeebd419235ed7005401761d956b0e1908221954d1a1785d

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html
xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

    • Target

      catalog-209882050.xls

    • Size

      367KB

    • MD5

      8666f7805cbc41e8c820494253e5f9aa

    • SHA1

      6e1b4266f2e25b4b00cda7d3da6f0c9f09531160

    • SHA256

      73f37edf1c244df0778a5e80aa4889f0afbd53179504441e9ab4573c1f562b53

    • SHA512

      aad9a9dcb0ead8f7cb88aa7a10992d18c6cc82eec126a770dc18cbf8330e41603a8f1b9e04307f7e0df0eec73d6ec71905a072f84091efbfd43ba2ac2233df94

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks