General

  • Target

    c66a36969b9c4c69af83768bf76e6711

  • Size

    36KB

  • Sample

    231222-rxh95sbefj

  • MD5

    c66a36969b9c4c69af83768bf76e6711

  • SHA1

    8077add7e321c9b5a966c8cf4495330cb1fa5388

  • SHA256

    a810fe997e38630c98b2098ade72f1b4f432a6fb38a5f7c5e5b4d355df4b6902

  • SHA512

    909bdcc58fb90dad01388abcdf379b3fb0b4a28ae729cdeb79c7782c3d6996381e7234fe3547fdf04ec042bcd6ca67e90ab51b2a117650a88bb0648c54417cf0

  • SSDEEP

    768:JPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJT59GsosiP4xEPeDYtkKrNX:Bok3hbdlylKsgqopeJBWhZFGkE+cL2NF

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://syracuse.best/wp-data.php

xlm40.dropper

https://skill.fashion/wp-data.php

Targets

    • Target

      c66a36969b9c4c69af83768bf76e6711

    • Size

      36KB

    • MD5

      c66a36969b9c4c69af83768bf76e6711

    • SHA1

      8077add7e321c9b5a966c8cf4495330cb1fa5388

    • SHA256

      a810fe997e38630c98b2098ade72f1b4f432a6fb38a5f7c5e5b4d355df4b6902

    • SHA512

      909bdcc58fb90dad01388abcdf379b3fb0b4a28ae729cdeb79c7782c3d6996381e7234fe3547fdf04ec042bcd6ca67e90ab51b2a117650a88bb0648c54417cf0

    • SSDEEP

      768:JPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJT59GsosiP4xEPeDYtkKrNX:Bok3hbdlylKsgqopeJBWhZFGkE+cL2NF

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15

Tasks