General

  • Target

    catalog-212086834.zip

  • Size

    50KB

  • Sample

    210513-e38q7sy216

  • MD5

    f2d8448eceb5761d8274daef7070dbd9

  • SHA1

    0c4265f763cad11af02cf1a0d379265a8c25fb26

  • SHA256

    fd2f66afc85a67c93ff9ac8f49f60f76777c80e70a8c1eb1f083db697e449d7e

  • SHA512

    d7649d0e6a37556ea713db3e44f69ee572b1757ef3737d2524e035a8ad48f8408eb280b1e74c3b879964beb1632b0f0b5f533ceea0459b1aa17eb62665b40163

Score
10/10

Malware Config

Extracted

  • Language
    xlm4.0

  • Source / URLs
    xlm40.dropper: https://smartpalakatva.com/edQsUZOLlE/th.html
    xlm40.dropper: https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

    • Target

      catalog-212086834.xls

    • Size

      367KB

    • MD5

      5929e6220f23cff3f30223cc9812edaf

    • SHA1

      4887ebc394b995311d030dbce531330b84a483e1

    • SHA256

      327e9ea34d01e3c7160aa1a4cc90db40e8759c9b5d8c7a106e34324c587f03fe

    • SHA512

      e8dfd68f6b21dd540be3fd477c53b90bfae037f7d1cc2cf6458ac5ad495fb7bd2e670d67f3049c661f286fcb082e66754fd37eea20550c5ebca37c8f82d133ab

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix ATT&CK v6

  • Defense Evasion
    Modify Registry (T1112): 1

  • Discovery
    Query Registry (T1012): 2
    System Information Discovery (T1082): 2
