9d773eb1ae82d27738fd1d7d3cb66eba1bd3555d6d523c63813cb9d9fe7512a4 | Triage

Sharing

General

Target

catalog-1931028109.zip
Size

50KB
Sample

210513-sambrjn2fe
MD5

135599950faefe06d21f0e202445c272
SHA1

53f6db3a34362f56f070c93febcf78df40f6511a
SHA256

9d773eb1ae82d27738fd1d7d3cb66eba1bd3555d6d523c63813cb9d9fe7512a4
SHA512

d7129105245623422bcc5b5157dfc86b5a1a5fb455d3de5395710320ae677e67116b7c247399043a7c1f449257eba96a1369f03a14305a43c836d2d3e47a0df2

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-1931028109.xls
- Size
  
  367KB
- MD5
  
  3aa8d2fc56895da4860d4a21522ee119
- SHA1
  
  9620523306e600b58d9819c6335caa41cd73b953
- SHA256
  
  1be1bf684b33a7b6113fe1ff31a43206bc39248125d7c7de37d921b97fa1e404
- SHA512
  
  273a7abc7ff78b4dc8f10e552a5417ad7f4cff8e87811fa7f74ae9b62ed48e1bf611687f010bfb6a10f63c10c16ac26fbe88d4a1fac3983d6ab4870bec164425
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2