3dd2c1a9b67beddcde5fd1e095c982f963447144a30c3853212e682d7591162a | Triage

Sharing

General

Target

catalog-1973695876.zip
Size

50KB
Sample

210513-ntv8p2tm6x
MD5

3d276bc651e0e1d816a51d69c6229c12
SHA1

237f8954e2d7ef42b5b11c990343b45a26dade88
SHA256

3dd2c1a9b67beddcde5fd1e095c982f963447144a30c3853212e682d7591162a
SHA512

dabb5dd74b6317837c21bfdaf4b3a7e7a5bbffe748571d9ae220206821863cfe47efeea4077d189b5beef92a89bad3824bdf48cffb6b028bb82d3110cda738a7

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-1973695876.xls
- Size
  
  367KB
- MD5
  
  c3c8eee0c30eb2226f1563de17851938
- SHA1
  
  8aeeeaa3ddbd0c69ef93292ce41a09c277a09084
- SHA256
  
  9edb5d2e6a217847387b43e8a0c18a898299f4629eac73a79d47ca67fb4729bb
- SHA512
  
  606616929ccedd4bfcf9d2267a43277115ecc0963422f0c49aab477515b924f74c06f5758359c87e54e193c354a37e498d6693648ccefbc3a793b4ffc6ef89c8
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2