General

  • Target

    9eb87ad1725adbdd10d437abdc14226e

  • Size

    36KB

  • Sample

    240215-2ayfnaac4v

  • MD5

    9eb87ad1725adbdd10d437abdc14226e

  • SHA1

    84a43c331aa812f9d6e4bbfb5fbc1d0b5dd424ac

  • SHA256

    76cf19d3372bb4e45f5e5c9903e6adc2fda3d1c704942e8507be64a6c247bfbf

  • SHA512

    16588e493d39f5678f1ae4a28ba95207b96b458cb9a8c2e5a5b37e12a736d95b1621394d392663d03064e18f8ea9091e104f9db90d93e8d43b8031f3fe8d912b

  • SSDEEP

    768:YPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJzjrW8wtgTlQPmXlxpz/F:Uok3hbdlylKsgqopeJBWhZFGkE+cL2NQ

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://statedauto.com/wp-data.php

Targets

    • Target

      9eb87ad1725adbdd10d437abdc14226e

    • Size

      36KB

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
