7aaa2b2800d4180b3db63eeddb3e7cc37d0d1940fc4c74ad231ccc48c34c8ba9 | Triage

Sharing

General

Target

7aaa2b2800d4180b3db63eeddb3e7cc37d0d1940fc4c74ad231ccc48c34c8ba9
Size

36KB
Sample

221130-skt2jsdh4x
MD5

838fc785b7c03320b2ed4b61dd72b749
SHA1

a4552bc6cf6073db7b72f11e73999a6a2e2af36a
SHA256

7aaa2b2800d4180b3db63eeddb3e7cc37d0d1940fc4c74ad231ccc48c34c8ba9
SHA512

7f999056eca7889b5ac142fc39414eceb0128be7424883942445a47a9169390962cf0724dc89898ca3c03b4d7eebaaf3ed0d329ec1d0961951cb163010faa723
SSDEEP

768:NPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJz3LV2Js7BFxZPW4XV:lok3hbdlylKsgqopeJBWhZFGkE+cL2N+

Score

10^/10

macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://skill.fashion/wp-data.php

xlm40.dropper

https://syracuse.best/wp-data.php

Targets

- Target
  
  7aaa2b2800d4180b3db63eeddb3e7cc37d0d1940fc4c74ad231ccc48c34c8ba9
- Size
  
  36KB
- MD5
  
  838fc785b7c03320b2ed4b61dd72b749
- SHA1
  
  a4552bc6cf6073db7b72f11e73999a6a2e2af36a
- SHA256
  
  7aaa2b2800d4180b3db63eeddb3e7cc37d0d1940fc4c74ad231ccc48c34c8ba9
- SHA512
  
  7f999056eca7889b5ac142fc39414eceb0128be7424883942445a47a9169390962cf0724dc89898ca3c03b4d7eebaaf3ed0d329ec1d0961951cb163010faa723
- SSDEEP
  
  768:NPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJz3LV2Js7BFxZPW4XV:lok3hbdlylKsgqopeJBWhZFGkE+cL2N+
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2