General

  • Target

    catalog-2023423371.zip

  • Size

    50KB

  • Sample

    210513-vj77936pha

  • MD5

    3ee7e62cd8633178746b36083220c03c

  • SHA1

    e55b9ae4bb43f215e9821bd55821484e0e9e0132

  • SHA256

    6599d132c22ebdffbd3a995798cdbb1d6c4e4b4ebabf159d9da686382bb415b0

  • SHA512

    d84f584440e863e3fdc7d2faca4b0ff2e290d29f4e5aeef946e50b664475ebef51f0b8c9ea6618fabe26a3ce061cda64b3118031ad898cc91d3a922b84dcc16d

Score: 10/10

Malware Config

Extracted

  • Language: xlm4.0
    Source: xlm40.dropper
    URL: https://smartpalakatva.com/edQsUZOLlE/th.html

  • Language: xlm4.0
    Source: xlm40.dropper
    URL: https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

    • Target

      catalog-2023423371.xls

    • Size

      367KB

    • MD5

      df2cb9f16e1832b5e61c8f3ba7ecaa70

    • SHA1

      d41265b00f763726e91752c22c376b6012e85c24

    • SHA256

      7a10b84f68f7a94cb119a487bf40292af08d2d137ba5317dede9055459982308

    • SHA512

      c82cc8b75b3a8f38aac71aa05cf57b85c60f1042e418cca70a0d9837241edf93b231463e88a5b548c477e53a9095dc18f5adff7ba7aad7b9b5fd5bafe188cf97

    Score: 10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 2

    System Information Discovery (T1082): 2
