General

  • Target

    04eca136ab220409c60bf9929b6c91f7512f38b0490af2ce5ba50dc9bf9a65c2

  • Size

    352KB

  • Sample

    230129-x3rrcsag39

  • MD5

    dbefcffa218ce440de3a930ffbbc46ff

  • SHA1

    b14d706a3556d750ff8ea0f4ad41b9b393eaa33c

  • SHA256

    04eca136ab220409c60bf9929b6c91f7512f38b0490af2ce5ba50dc9bf9a65c2

  • SHA512

    6027cb1e0de3635d47aa737ef527708522f20636e5039c2463e15f5b72a2209956ed59e00c584d7175c9211bc0ce9fb4ae5abe1e0f084803d2a646653f78657f

  • SSDEEP

    6144:ATq1jURRRY1QzB8WTXgmKjNNt9MxBJd6E3MsUbsXmR6hSJi6qnh:ui1QzB8WTyjNpMesUbsXmR6hS06qnh

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

    xlm40.dropper

  • URLs

    https://powerdust.digital/g

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 2

    System Information Discovery (T1082): 2
