6599d132c22ebdffbd3a995798cdbb1d6c4e4b4ebabf159d9da686382bb415b0 | Triage

Sharing

General

Target

catalog-2023423371.zip
Size

50KB
Sample

210513-vj77936pha
MD5

3ee7e62cd8633178746b36083220c03c
SHA1

e55b9ae4bb43f215e9821bd55821484e0e9e0132
SHA256

6599d132c22ebdffbd3a995798cdbb1d6c4e4b4ebabf159d9da686382bb415b0
SHA512

d84f584440e863e3fdc7d2faca4b0ff2e290d29f4e5aeef946e50b664475ebef51f0b8c9ea6618fabe26a3ce061cda64b3118031ad898cc91d3a922b84dcc16d

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-2023423371.xls
- Size
  
  367KB
- MD5
  
  df2cb9f16e1832b5e61c8f3ba7ecaa70
- SHA1
  
  d41265b00f763726e91752c22c376b6012e85c24
- SHA256
  
  7a10b84f68f7a94cb119a487bf40292af08d2d137ba5317dede9055459982308
- SHA512
  
  c82cc8b75b3a8f38aac71aa05cf57b85c60f1042e418cca70a0d9837241edf93b231463e88a5b548c477e53a9095dc18f5adff7ba7aad7b9b5fd5bafe188cf97
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2