010ba7fc1e7761a8adb054eaf1258ac9e15d584cff7936fd01e2f14ddd4f1476 | Triage

Sharing

General

Target

catalog-2128875808.zip
Size

50KB
Sample

210513-xfeat24czs
MD5

b7506b267a0f95e209ea175f36c3abdc
SHA1

b2dafbf6508f5afac8ea2ccd9f0a45d1b1778a01
SHA256

010ba7fc1e7761a8adb054eaf1258ac9e15d584cff7936fd01e2f14ddd4f1476
SHA512

c4539fc60638b965d71a8cc707059d37381ce415cc490bbfe5817159433f45d07860010c5f2e4d3dc577964a2cf7da356166b2f1636bc5b4356f847473792971

Score

10^/10

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://smartpalakatva.com/edQsUZOLlE/th.html

xlm40.dropper

https://pilstlcommodities.com/Ov4FlB3lpy/th.html

Targets

- Target
  
  catalog-2128875808.xls
- Size
  
  367KB
- MD5
  
  864eaf02552de6c727e9310eb9cac578
- SHA1
  
  1e9fa89e689e4a62db7aff326a5427743709efe4
- SHA256
  
  bf079e444a7e9750fe3f3090e8d5c78447009427ad01e8cf9037653716809b13
- SHA512
  
  88b49fe78611e7103ad692c8fedd66b96851225ae6f333ef8fce226e47d1d89d8692b2fe48a5eb73f66cfac7a2c3db0a264fe747ea4dc4af7062c951c5a4a3b4
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2