General

  • Target

    48431de25911a021d16cf3c07f078640

  • Size

    36KB

  • Sample

    231226-bkf19ahbcq

  • MD5

    48431de25911a021d16cf3c07f078640

  • SHA1

    c8dc78afbabf927c2e358308640a6595671fa920

  • SHA256

    2333addd2ddd2f6d5a21eaf9ec9cfb5e4a6fb67a766fc5da7aa91189a826d3c3

  • SHA512

    7919fb9ad5b478f0194919499b7a3a228e175389235b63dcbf273e63a6dca3abdde85d687dc4a1a68dc3d5794ac53d1df8aead6145d057261ec45bae2c539715

  • SSDEEP

    768:IPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJjjHHcPloLQLr2eXGe8B:kok3hbdlylKsgqopeJBWhZFGkE+cL2Ns

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper: https://statedauto.com/wp-data.php

    xlm40.dropper: https://markens.online/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
