208460b1a6ea44dd4ee38e4fc0599306653604216fe5dd1d8901cde8c4d2e816 | Triage

Sharing

General

Target

48390bc39cbafa46142b867031d53525
Size

36KB
Sample

231219-sbdm7shgcm
MD5

48390bc39cbafa46142b867031d53525
SHA1

5d8b2964d174a5a5535a39a82c24d0081effd475
SHA256

208460b1a6ea44dd4ee38e4fc0599306653604216fe5dd1d8901cde8c4d2e816
SHA512

85310c99996c8067ca3612203ef73881186c91b03311a303f9b021414031ad343678f043502e3c0b77ed35039825273fee823ff98c2a5fc46d25dceb619cc5b3
SSDEEP

768:2PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJUMB9vLH6hZgf3z:Kok3hbdlylKsgqopeJBWhZFGkE+cL2NA

Score

10^/10

macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://skill.fashion/wp-data.php

Targets

- Target
  
  48390bc39cbafa46142b867031d53525
- Size
  
  36KB
- MD5
  
  48390bc39cbafa46142b867031d53525
- SHA1
  
  5d8b2964d174a5a5535a39a82c24d0081effd475
- SHA256
  
  208460b1a6ea44dd4ee38e4fc0599306653604216fe5dd1d8901cde8c4d2e816
- SHA512
  
  85310c99996c8067ca3612203ef73881186c91b03311a303f9b021414031ad343678f043502e3c0b77ed35039825273fee823ff98c2a5fc46d25dceb619cc5b3
- SSDEEP
  
  768:2PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJUMB9vLH6hZgf3z:Kok3hbdlylKsgqopeJBWhZFGkE+cL2NA
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2