General

  • Target

    d3c1b1bcce6df44bd65ca0b03ce37c76

  • Size

    36KB

  • Sample

    231220-sltgeacfcp

  • MD5

    d3c1b1bcce6df44bd65ca0b03ce37c76

  • SHA1

    b930fe1cadc6bfcb865242940de584ce323ae546

  • SHA256

    208ea9ca5061cb4555b7d3773bcc441d547156df2eb0c7c2c2d5f258a113bfbf

  • SHA512

    4a93ce5ba65486d8803d70a15aa96d966f2ee0fb0b29c0334bf20f2ae888c32a840184e2742aca99bdea151f4cc7acdd956066a93435c3437bd23c4a58054422

  • SSDEEP

    768:2PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJJL4r+fDaLBojNGc2lM:Kok3hbdlylKsgqopeJBWhZFGkE+cL2Nk

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://markens.online/wp-data.php

xlm40.dropper

https://statedauto.com/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
