d7c22ea6f65fa96258ee8e36b5e575185e3cb6dde9a594a1e7d66bfde7462d0f | Triage

Sharing

General

Target

catalog-1928390963.zip
Size

50KB
Sample

210513-m7de4h9c9s
MD5

e3d4b0c9517422313563ef162c11b85e
SHA1

5e578bd11cdd0d3b875f305b9629b54e7040b6e3
SHA256

d7c22ea6f65fa96258ee8e36b5e575185e3cb6dde9a594a1e7d66bfde7462d0f
SHA512

2aece8d42365341966b5080184cd1f9ea65b69d98db764d75ea28aa1f0fedeb4ab91ad6b2652e6942205cd45480115926dae2bec24bebace0fcb89145c6051ef

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-1928390963.xls
- Size
  
  367KB
- MD5
  
  19c386a1ee1578999c48a374f65a496c
- SHA1
  
  d317e939908696a5f011ec547ec4a2ba951a6a50
- SHA256
  
  0c499c9b41777ceab162e875af5b101d8495f02ffd285c02d31fcaff9c6940c7
- SHA512
  
  b1a48dcc3ccc1dd9c4ad902b3f0b5d4289b824249e8403aacc0cb463b9f776efb79364887b2076a93fb0e804ba5306e6228975dfe58a32f1cec1022342956175
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2