b7ac5bf81967d408a751c717509c98bc9773d697b9b2a832971b828a7927abf6 | Triage

Sharing

General

Target

catalog-246234812.zip
Size

50KB
Sample

210513-j9mahmhxss
MD5

7d3c2e92271f2c1b7a37cc458ff3c2bb
SHA1

74bd296626351a18e3e2eb85509b376aa668c735
SHA256

b7ac5bf81967d408a751c717509c98bc9773d697b9b2a832971b828a7927abf6
SHA512

4b786c5f939fd9ea8b10f5651231fd3a5264f4e55139589eca8dcb9566c629f415c77d6086242e4eef284ec5a20ca341d959733023f1ec7ed3215ac6585567fd

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-246234812.xls
- Size
  
  367KB
- MD5
  
  961bd25ec4aeb578ad535a7d9721de96
- SHA1
  
  5bac3d561e2f009cb071a66e2fff96f143d98cf0
- SHA256
  
  7906a1c0e8e1160ee05b7d76739b56c824ad94b6ea62649479d80150381d8b06
- SHA512
  
  3c0479c5dfff784d17207f1058de0dbde8b99f48c6f5ea99b42cb5bd23f743dd8c6e971e29a7076047a4b7a947b439adcf2841c5b809fd89f1c8edd6cde0ed87
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2