4f52b96d53dac715320a2565ee96357de130588c2639b372acd7763615da45a3 | Triage

Sharing

General

Target

catalog-2139553193.zip
Size

50KB
Sample

210513-qjzn7lrrkx
MD5

d05bbf7a895e25497fb760b7a9b6ae98
SHA1

2840bdbe47d17669706a877b87f0f5d01ce05002
SHA256

4f52b96d53dac715320a2565ee96357de130588c2639b372acd7763615da45a3
SHA512

7f784ce1d999a3e342af32d2138d3d007d7e2bb65357a7c8315ec4447466ad6f3da1e7b08670d1625ebee3a4699b77a8109be0c7613d2a86ea9cb6e90a891a0c

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-2139553193.xls
- Size
  
  367KB
- MD5
  
  9025282441b6081717f9bbb01813c05b
- SHA1
  
  58e38f464272efc5794a7fcfdfc55836c1e9cdbd
- SHA256
  
  52cf3f492fb450d2a14d894d40e2c9f08c1cad11251c7f2c2d5ced10a454881e
- SHA512
  
  6a77c5310a86ef8ee2f0b34b1284215dfdba9e7fd5615c60dc627ceaea42cec3ac3ee6ae3dd5882957d69c1b990cf2c60a0067efe1e13c6a0c251ae22b5f42d2
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2