General

  • Target

    814ed4b755ce9c5346d281c2a64581d8

  • Size

    36KB

  • Sample

    231219-xypffadce5

  • MD5

    814ed4b755ce9c5346d281c2a64581d8

  • SHA1

    75b8ed0b2ef7ba537a977db83944f75ebfe4dc79

  • SHA256

    bdb62eafbde778bb877ba6ebb9ae4e1049fb926b4ea94d5d066abe261169c790

  • SHA512

    6898eb2d93fa70c3f55d21defe4d1794d8f6a46ea6426d7b754ee92e399b0c57eaba3c7b2f4f3d9105229c5f39ab3f78b173105fc92e9092ac46a6906e3efc47

  • SSDEEP

    768:NPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJUjVCKZU9CMVNVprfbf1Ri:lok3hbdlylKsgqopeJBWhZFGkE+cL2Nr

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper: https://skill.fashion/wp-data.php

    xlm40.dropper: https://syracuse.best/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
