d5ab86b3c119a19fab929700b85a9283429c24b897cb14bae395899f334371fb | Triage

Sharing

General

Target

catalog-2092578801.zip
Size

50KB
Sample

210513-nlwtx9szrn
MD5

0c6ad2a5390f98aa72a8bb2f0a44b390
SHA1

33de7dea15fedf2008d80bab3d61c0b334a9f601
SHA256

d5ab86b3c119a19fab929700b85a9283429c24b897cb14bae395899f334371fb
SHA512

85453836ec1c51295af01f80a208fd8cf436d237b77650835f15c30704856f67cc6adb0a6b60d91745aaf4e708c8b5ffd7b0fb1573409aee6ffd331e541b94f4

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-2092578801.xls
- Size
  
  367KB
- MD5
  
  ddbb7fcf608649aafaf9c1a468093f0b
- SHA1
  
  b9ebbf6ac9fb14c2f070fcbc445ad951ed16bb67
- SHA256
  
  2952cd1f5f7cdcaedff7b14fd16ee96f4b9a41a1651edc9330a5e4129880cb7e
- SHA512
  
  2e07adbc1c743b4e2142a1d82d50f4b1f6e5bbd7dfa85d085835458cd7b0c5520cf021339c3cc68ecdafbed5af85e920edc07c110770d4cce25d25e5efd8d1a6
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2