General

  • Target

    9f56f1100288ac7c1873dd170328ca83

  • Size

    36KB

  • Sample

    240216-d5ed9sgh53

  • MD5

    9f56f1100288ac7c1873dd170328ca83

  • SHA1

    1978ccf88b6295ab162364dee91cdb550b8b7c83

  • SHA256

    974a951fb86a0dbc81181bb003a3bc7ff405c70eacefc67a9da9868b1b6b494c

  • SHA512

    97232ad56fedd6bc8ae68ed31a101fa790f4993f7135b65a15a327ec5e77a57099aaba0248184102f60d5ca95865ee6daea29740f690366880ef0d6e17e2d65d

  • SSDEEP

    768:cPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJY9NO6wbcz2Wk0r9lk:Iok3hbdlylKsgqopeJBWhZFGkE+cL2Ns

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://markens.online/wp-data.php

xlm40.dropper

https://statedauto.com/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
