General

  • Target

    bc716a3e176b6fd85e1d10cb5a7acbd4

  • Size

    36KB

  • Sample

    231220-q36rysahfj

  • MD5

    bc716a3e176b6fd85e1d10cb5a7acbd4

  • SHA1

    15c41c72601ff02c30d57886dd5fad260288c2c3

  • SHA256

    da4aa9780808e5f28cf6fef63912c4c0ffe439548938acb509938d575ee11f05

  • SHA512

    465a536a76dca8956ca9d87dabfda594a73015ac1bdc127cd532ed90daf4d5b0dec475b06de5cee7b20d9c201f490f3983546777f1eceb17982189be9225f4ff

  • SSDEEP

    768:lPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJwA9SDPdEIZU6SX1/4:Nok3hbdlylKsgqopeJBWhZFGkE+cL2Nt

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://syracuse.best/wp-data.php

Targets

    • Target

      bc716a3e176b6fd85e1d10cb5a7acbd4

    • Size

      36KB

    • MD5

      bc716a3e176b6fd85e1d10cb5a7acbd4

    • SHA1

      15c41c72601ff02c30d57886dd5fad260288c2c3

    • SHA256

      da4aa9780808e5f28cf6fef63912c4c0ffe439548938acb509938d575ee11f05

    • SHA512

      465a536a76dca8956ca9d87dabfda594a73015ac1bdc127cd532ed90daf4d5b0dec475b06de5cee7b20d9c201f490f3983546777f1eceb17982189be9225f4ff

    • SSDEEP

      768:lPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJwA9SDPdEIZU6SX1/4:Nok3hbdlylKsgqopeJBWhZFGkE+cL2Nt

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15

Tasks