General

  • Target

    e9eb3e3a677345a1c39ef79ed8ffceed

  • Size

    36KB

  • Sample

    231222-tl68yaebcr

  • MD5

    e9eb3e3a677345a1c39ef79ed8ffceed

  • SHA1

    03875b5f395bcd90612ded789aeb45508bd0fd36

  • SHA256

    3b98ee2efcd5cffd99a7be136b6aeb0ff45760fca5446afefb3ed8f3b0b9b939

  • SHA512

    0ca2be190efb401f85a580e32e6ffb87e3bf03b1a34b636c5ac8e733305ac38826bbb225e79445af5daf953a042ae870b98eed8e6fcd37570e078b483905bee0

  • SSDEEP

    768:9PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ7WXk1jFQ5tDMWGK3Tq:1ok3hbdlylKsgqopeJBWhZFGkE+cL2Na

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://skill.fashion/wp-data.php

xlm40.dropper

https://syracuse.best/wp-data.php

Targets

    • Target

      e9eb3e3a677345a1c39ef79ed8ffceed

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
