General

  • Target

    c83ab6a0170a8f06dff0f2fe85f6ac1a

  • Size

    35KB

  • Sample

    231220-rvsqssbhhk

  • MD5

    c83ab6a0170a8f06dff0f2fe85f6ac1a

  • SHA1

    cb87dc9f53eb9a22859c3daf927168018b0b2644

  • SHA256

    f6fb9c833ebcd0ae8ffb2073eb94efe3e15861fcbfd277bbe0f4cdbc3ce38080

  • SHA512

    969c633136464a710ca4c9bd3bbe36bdcc3c18a516eb162cfd1ecf1bff976457a4f17dbf3274ba790f32f2de90b22afe1daa07601c205cc2dd3c125444c62f6c

  • SSDEEP

    768:oPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJT97NDlxFW9n:Eok3hbdlylKsgqopeJBWhZFGkE+cL2Nz

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper

    https://skill.fashion/wp-data.php

    xlm40.dropper

    https://syracuse.best/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
