General

  • Target

    376605a7be92b34c743cf1f52dab4405

  • Size

    36KB

  • Sample

    231222-athqrsfhbl

  • MD5

    376605a7be92b34c743cf1f52dab4405

  • SHA1

    9c040de445ace40ba842d46d64cf6a18671ad01e

  • SHA256

    fe4b36273080f39e6d9c6af37d964075fcbb680953d578f2683a8f494bb00ba6

  • SHA512

    2aad528dd376a2b42ab70cb118d7a380454a7c52e5ad76a60f03e63b89857d831cd146cfd28a18dc1656c39921767efb90f17cb36435fa0a90233bf9a6f39550

  • SSDEEP

    768:dPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ7Yk8A4nPcXHn:Vok3hbdlylKsgqopeJBWhZFGkE+cL2Nq

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://syracuse.best/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
