8471ba21698163c769ff0fb55babf56f7d586c1c01dcc6914f1a17c53f91cf39 | Triage

Sharing

General

Target

catalog-2002253741.zip
Size

50KB
Sample

210513-g61mgdbfdn
MD5

0f6daeba77fe08037e7751c62b1d7e6f
SHA1

11ebc49bc61740a6a9243b4525a55306f16fbf24
SHA256

8471ba21698163c769ff0fb55babf56f7d586c1c01dcc6914f1a17c53f91cf39
SHA512

f22fe8cd26a21ede0963cf1b1386db9269dbaf5648dc549740f760307c3c808178445787b3ba86dbf0890bc41d0f02aac4bde711de1573924caff24aed590955

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-2002253741.xls
- Size
  
  367KB
- MD5
  
  d3fbb2486b3effa30f87eb8eec28929b
- SHA1
  
  0b9e5f64275f6e5cd5d6efe23979dd7dceac9667
- SHA256
  
  022b64e1a59eb7c5dfbac86cca9b1c98403a1547e96d9a5529a5eb7d958b810d
- SHA512
  
  a9f4d6cecd20ea415aa6ef7d54b50976d8443d7fcb8c5e48b9d782a533a49f4a1fb9d1bc0aaaa00dbcf4a00bc2321a38fb7dbdc8f3b0a8eb01a946e41f2c091d
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2