General

  • Target

    ccef9a717483d48dd5b51b93d916e8d1

  • Size

    36KB

  • Sample

    231220-r6rymsadd2

  • MD5

    ccef9a717483d48dd5b51b93d916e8d1

  • SHA1

    f972fe6d5f716ed5aa8bccd68dcdb6ddb676a73b

  • SHA256

    90f78c81901031ddc5bdae2c70f9c95f13ca369d816a9825e38c3901f4d3d599

  • SHA512

    03e1cb6502f2ecaacac14abe170be00e654c7bf99cc851d655ebb674e90d29232cf25144811ffa9c14445ad26b4b85e087aca7890564d36aff890f735545a026

  • SSDEEP

    768:bPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJrobzLQQtg9:jok3hbdlylKsgqopeJBWhZFGkE+cL2NW

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper  https://skill.fashion/wp-data.php

    xlm40.dropper  https://syracuse.best/wp-data.php

Targets

    • Target

      ccef9a717483d48dd5b51b93d916e8d1

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
