87ff7fe0ce85c32f7c4080714a75c709dd334d7c5f2a0344c108cfb146ed93de | Triage

Sharing

General

Target

catalog-2108526620.zip
Size

50KB
Sample

210513-qspz2vnq92
MD5

ee1c197c11a7488acf2cdcd44f9aebce
SHA1

c124ac6b47c923c1b0f5c5f38be00759684f8da0
SHA256

87ff7fe0ce85c32f7c4080714a75c709dd334d7c5f2a0344c108cfb146ed93de
SHA512

97a30247950783f597b86c8dba85fb68ec2f32ce5da1db03d3361b3447d068ed9a30d28cf3b2d1d06e0d44846f9cb57ac2b740c19f87d155f4e7a126844fe0a6

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-2108526620.xls
- Size
  
  367KB
- MD5
  
  06c387ee3645fef3c674a6904faf84ba
- SHA1
  
  f395ed424c6c27e0f6a892a16d7e5f088202c9a0
- SHA256
  
  8626acd732f4ff0d8ac163caf598bb64cba245289c31d7c468cb86ac96ff7fa1
- SHA512
  
  2f80fea186e814c0b73daac80484e69ba9c4dbc6a3cd43cf521ed3773498d5af2c35ac76a02b24700859e1d220cfa4e9c80e2e62fdc5f7a91b73cec213ba564f
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2