General

  • Target

    0fdebd51c10306d56bd1555cc2467ae166b662318767f4913f57c930dfb4be05

  • Size

    84KB

  • Sample

    220113-ynezpaccd8

  • MD5

    07b04849e0e6e2eac4d82ddace0ff848

  • SHA1

    7e9d3eeb8e71916eb8bae191df937bca616e0291

  • SHA256

    0fdebd51c10306d56bd1555cc2467ae166b662318767f4913f57c930dfb4be05

  • SHA512

    22a8c86f3f7db54c5eba2a292645f50efe658963ac896dd70d34b3e7864b0b10f7ade28c1d37ecc16dcd80900ea68b618369c36ad370f6bb9d022491e3b22e43

Score
10/10

Malware Config

Extracted

Language: xlm4.0

Source         URLs
xlm40.dropper  http://auto.lambolero.com/f1nygync/J18Keqh/
xlm40.dropper  http://archives-program.com/lbx2/fq4/
xlm40.dropper  http://easyfitcr.com/app/LskbLtWaI/

Extracted

Language: xlm4.0

Source         URLs
xlm40.dropper  http://auto.lambolero.com/f1nygync/J18Keqh/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Downloads MZ/PE file

    • Loads dropped DLL
