fb7cec46dc7438be5a5e9774f1a6e675bfd526cc52ce7af2daebd19f9feae2ed | Triage

Sharing

General

Target

catalog-302819507.zip
Size

50KB
Sample

210513-sgpzrgn9j2
MD5

0d909e185aff5d458f8e2d205f4b0f43
SHA1

06584dc62babe3f27e60bace3e8e9d65f2ab73bd
SHA256

fb7cec46dc7438be5a5e9774f1a6e675bfd526cc52ce7af2daebd19f9feae2ed
SHA512

8978ce9afc40784adcd09abc38ba6522f2d06e9d170fadeef49f096886e0a83b2d840f56a88e3c51769d0c2066f569e27d6d9ed336a80a2f3beb286c18971cc5

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-302819507.xls
- Size
  
  367KB
- MD5
  
  7cd289674eb32dd66ca11eb987b0ea23
- SHA1
  
  75fa773c49265152ee07a41f878ac8a31d232f51
- SHA256
  
  741afede521126dd9b5ee2dcf538c0e1ee2feea11c7355ad3c12dd2e464fdcf9
- SHA512
  
  244037f410611173d99fd6966b7ddac9dd7c0d223d6dbd82d5c8773d41940bfbae2278e16a88400c796b8c82be7e38aae616610d3473955e105f4412ee07b230
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2