General

Target: b654e1b1f4906be1e6155ad03eba53894dfa66ba899732c7f4cacac7a98d1f6e
Size: 83KB
Sample: 220115-bylhwsbge4
Score: 10/10
MD5: bdc6d97b7154f28cc5bfb7d95190a1fa
SHA1: 37d3583e2cd06ebf7b6ec8768abb635c5a1dd3d9
SHA256: b654e1b1f4906be1e6155ad03eba53894dfa66ba899732c7f4cacac7a98d1f6e
SHA512: ad96e4126355d96c20fb777cb0ea4aaffe25423cd79b7c779e2b01fd4046c4135250d8273577a034390074dd9adea0dc6adf01313e72d2b89bbe481da29b2016

Malware Config

Extracted

Language: xlm4.0
Source: URLs

xlm40.dropper: https://zml.laneso.com/packet/AlvJ8OdtSYEeeCQP/
xlm40.dropper: http://ostadsarma.com/wp-admin/JNgASjNC/
xlm40.dropper: http://govtjobresultbd.xyz/sjjz/UIUhOHsLqjOy9/

Targets
Signatures

  • Process spawned unexpected child process

    Description

    This typically indicates the parent process was compromised via an exploit or macro.

  • Blocklisted process makes network request

  • Loads dropped DLL

  • Drops file in System32 directory

Related Tasks

MITRE ATT&CK Matrix
Tasks

static1: 8/10
behavioral1: 10/10
behavioral2: 10/10