General

  • Target

    ba1e8d8940f0b88ae5ee08383898c40f

  • Size

    36KB

  • Sample

    231222-rhmn1sfhhp

  • MD5

    ba1e8d8940f0b88ae5ee08383898c40f

  • SHA1

    029e2ff47c35b8bc966005f870afa5286a77f0d0

  • SHA256

    0e5f79a6d4bf607c3d12934f3a14c131f9bd93492953832e3db74a8ae8f829b6

  • SHA512

    2cc194bde0333c1f7704a464f540f9705916a46a26bc3601d99e51ee92d8d6c3633728b25bd22f0120a79599312b9b3446729bb61ba9ffcccda5d7bd2cdece8b

  • SSDEEP

    768:+PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJNdq0mYLpcv2:Cok3hbdlylKsgqopeJBWhZFGkE+cL2NO

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper  https://skill.fashion/wp-data.php

    xlm40.dropper  https://syracuse.best/wp-data.php

Targets

    • Target

      ba1e8d8940f0b88ae5ee08383898c40f

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
