8461a810d08fc9918a79ea4e5d510eca3dde43f7076e95ecf6cb3964441661ed | Triage

Sharing

General

Target

catalog-2015381752.zip
Size

50KB
Sample

210513-c25z8sspyn
MD5

7eb673a887d1b36257901bd779df6f62
SHA1

509d24ef5d66abe99125c7fcd23364295111cd74
SHA256

8461a810d08fc9918a79ea4e5d510eca3dde43f7076e95ecf6cb3964441661ed
SHA512

e2f42f5ba13add347acbc0e31a0c63527d72b299b4c5858a5531b998ac22ffef3b388ef3d70ec3cc1ad8f0bf2101b7a5d2adcb70abc706ee1d2119ce5b0c1f43

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-2015381752.xls
- Size
  
  367KB
- MD5
  
  2b0059a2d746cbb36071a3549d1b0aee
- SHA1
  
  0d35e67aee4c2a9b8961989f2a5d7db96d34667d
- SHA256
  
  f26af7447fceee713d76b44cd568935348d56e564e9088c175c14a85414bbe9e
- SHA512
  
  e3bcea63b7b87369d925e8fe7f323564ae11db6a32b28275d8448aa49a8ed93c1e2b081c8b6e08b4a8f17175fd0698f73aec748110e5cf0d58e8dab258312d4d
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2