c116a84de226809e5773309160abef8260449684d64ccfa2c8eeea3929efbfc3 | Triage

Sharing

General

Target

catalog-212966646.zip
Size

50KB
Sample

210513-wwm9hq4sse
MD5

1f873782720f46acd4e49ae4ab8d5f29
SHA1

126656b4314fb7e622d06a39236ce49f3d1db0df
SHA256

c116a84de226809e5773309160abef8260449684d64ccfa2c8eeea3929efbfc3
SHA512

3b4e7b1203e3ed9c95981b9e83f7bc76ebca217fc7e57af91b2a7f3a3178d4fee45727f0a7a7940a0e01a776b65b672682f95a4b9f498c4b8e2cf9a0db4a2168

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-212966646.xls
- Size
  
  367KB
- MD5
  
  cf7a377de62e1fe6166c897bc1a9dfe7
- SHA1
  
  741c6e369dd0a97007fe27dc1a466f4227a1191d
- SHA256
  
  1c622a0211ee2cbc493164e39dcaabb4ba885870f280c3b84c272dd900bc1c8a
- SHA512
  
  618b47c9325b78ea7efdbbf7e1bb3bff78c39ec7e3ae94255f68bfe966ddec6b2a0c92a2088d6731dbe1c43ec5691ab92699e990791f44e4f337ca890c18614b
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2