General

  • Target

    4f162f7597731bb0ce4aa4fb1813504c

  • Size

    36KB

  • Sample

    231226-dnskkadcgm

  • MD5

    4f162f7597731bb0ce4aa4fb1813504c

  • SHA1

    593cb3f107412479cd62412e86187819390dc8bc

  • SHA256

    462d0d78a828462f6e880accfa25a014bf80340e3aaa062a8023720c9c0264b5

  • SHA512

    9aacc2461491c4b58c6b71a9dfe3b900284d1b11fdf543ede4591c9515bcdc899fb6080dc93ac2463b0016b05898d5469bdb2d8a2a820c8fce29048ca999cbdd

  • SSDEEP

    768:wPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJDR4glOn9IZ398jeu:cok3hbdlylKsgqopeJBWhZFGkE+cL2N/

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper  https://syracuse.best/wp-data.php

    xlm40.dropper  https://skill.fashion/wp-data.php

Targets

    • Target

      4f162f7597731bb0ce4aa4fb1813504c

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
