General

  • Target

    b861840185482365fd40fd027f76fe87

  • Size

    36KB

  • Sample

    231220-qqd66saee4

  • MD5

    b861840185482365fd40fd027f76fe87

  • SHA1

    8f2ed612c375767290b40e7caf437d2e5702ceb5

  • SHA256

    e67e8b4a6f449eb667842213f68ede72fb6106cd83fc69111607381f62dabe2f

  • SHA512

    fe16ae2d4529b2141a194e49940fb432b52d3c53b06a9a302c72c4928d0a80c8c5923c3409f85bfad8a9c216dbb63584ceb71ccd2ed5885f98fd030a41a0ad80

  • SSDEEP

    768:8PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJdxRDqqr+3fJviGo:ook3hbdlylKsgqopeJBWhZFGkE+cL2NE

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://markens.online/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
