General

  • Target

    4802545.xs2.zip

  • Size

    57KB

  • Sample

    210518-9mwnb7hz8j

  • MD5

    8b200cbe3848a83a116dfb11ddee6d28

  • SHA1

    ae7e3a5347a5b28a9da0e3bc4aa7ba59682a9d6d

  • SHA256

    a41258dd0239a487f31f91d4fd8e7d7eb05682bcb1e5f00d843382c3c5c20010

  • SHA512

    eae95682da501fab03267e63ef2e4b1c7321fb54a0e9ae9d01b6634b7d98fcfec292147cf09cf9b4178dba5ad7667cb9266412ce22dadda3a5594e02033d3af1

Score
10/10

Targets

    • Target

      4802545.xs2

    • Size

      110KB

    • MD5

      cfb94c893280fd1edd40a4c74031727a

    • SHA1

      9bf1f365e14842621854282f976b890478816a77

    • SHA256

      3205ebcea1f138f0171ff3815d594883805b4af48a24bc0d6228d0b0ee12ddb4

    • SHA512

      31b573054e5963c939cab24b48a8610f757ea94eba21c5101f2df3ffd8fc3120327795692feda7d448091a93b4befb389eed48e17662d7f2e3b19cc441a56988

    Score
    10/10
    • Nloader

      Simple loader that includes the keyword 'campo' in the URL used to download other families.

    • Nloader Payload

    • Blocklisted process makes network request
