General

  • Target

    acffd78cb217af92f734472b9257fdb6

  • Size

    36KB

  • Sample

    231219-1rhk4abgbl

  • MD5

    acffd78cb217af92f734472b9257fdb6

  • SHA1

    7d4826bed7435c918c20ed5f3e3a7421528468d9

  • SHA256

    1d0f9c70a8148e3acfe5d7ed72dd9bcb74bf4fdf6900f70de5fe207b48fb9413

  • SHA512

    282070189b848ee61a4bae5cee4e3f6efa16dc07e652d74ec126f99e2be7c9e64db0c264aa9bdf1625a335390530282f7976174e4c4b7568f459e2806ab4842d

  • SSDEEP

    768:xPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJS6B1mRtgtMmSkIl:5ok3hbdlylKsgqopeJBWhZFGkE+cL2Nf

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper

    https://syracuse.best/wp-data.php

Targets

    • Target

      acffd78cb217af92f734472b9257fdb6

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
