General

  • Target

    453e03d56993b703a4f4beb4426b7252

  • Size

    186KB

  • Sample

    231226-aewn3sbfgr

  • MD5

    453e03d56993b703a4f4beb4426b7252

  • SHA1

    094c149d550e6e8c5113047202ed7ff55cc77b77

  • SHA256

    cb0af39cef6ba996d0c7676e3ca2442777d2bad53c313e62d7f4b07c42d407ac

  • SHA512

    e2c2d83e2de2d83ccdf8101cf3efef270141a1a17d3ae2aa1e11f4385b255aa2a735611b8254b90388cc31431d8b0df92b84f00f4d9fd13722ea7b380d441318

  • SSDEEP

    3072:OhgDusrJcGUAUpF2e/RIiZmxjTH0Fq2yIyJFZqcN+KCiSsYErzSK/XFMpm:OhqRcGUlFzy4mpTHdrUc3/SsYAS8

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://clientportal.download/div.php

Targets

    • Target

      453e03d56993b703a4f4beb4426b7252

    • Size

      186KB

    • MD5

      453e03d56993b703a4f4beb4426b7252

    • SHA1

      094c149d550e6e8c5113047202ed7ff55cc77b77

    • SHA256

      cb0af39cef6ba996d0c7676e3ca2442777d2bad53c313e62d7f4b07c42d407ac

    • SHA512

      e2c2d83e2de2d83ccdf8101cf3efef270141a1a17d3ae2aa1e11f4385b255aa2a735611b8254b90388cc31431d8b0df92b84f00f4d9fd13722ea7b380d441318

    • SSDEEP

      3072:OhgDusrJcGUAUpF2e/RIiZmxjTH0Fq2yIyJFZqcN+KCiSsYErzSK/XFMpm:OhqRcGUlFzy4mpTHdrUc3/SsYAS8

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
