General

  • Target

    dc00286d9b966d47cd172602ed1f5916

  • Size

    36KB

  • Sample

    231220-s54rgsdca6

  • MD5

    dc00286d9b966d47cd172602ed1f5916

  • SHA1

    29a7f82e2f042f038d459b1ca45d6c609cc6cbb6

  • SHA256

    04caa4a172499203c26ccd8ce154aa961f1322b1215cd939b3d1f42ea014cc40

  • SHA512

    c306b9cf0a343aa21e163c4495006023b23e8ceb086bb80df15078ae4d357995b1b9f3ee476182080f6fdbd681f0e6644f3b28ff174a4b0a35572f8ff6a98d6e

  • SSDEEP

    768:JPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJieRjSjtRuHqcTai8Z:Bok3hbdlylKsgqopeJBWhZFGkE+cL2NR

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://skill.fashion/wp-data.php

xlm40.dropper

https://syracuse.best/wp-data.php

Targets

    • Target

      dc00286d9b966d47cd172602ed1f5916

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
