General

  • Target

    a1478312f998fd85937a339e726e2493

  • Size

    36KB

  • Sample

    240224-h8c3tsdh5w

  • MD5

    a1478312f998fd85937a339e726e2493

  • SHA1

    b1e4d6b6607ef3ba2d00d862c9633523842005a2

  • SHA256

    9bb7ca4b9721604d380f1e47574f4396a9166ecc4c4eb86845ef5367cbf055dd

  • SHA512

    eb56a38a0b1c6e1d1853491df02ea00a681e75828228f38d57bb63906c6aa209f4500281628fe1c0b944ddd623d63cc963c89043613ccbf0c8e15414f44813c9

  • SSDEEP

    768:dPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJoqrchhLAxRb3QD:Vok3hbdlylKsgqopeJBWhZFGkE+cL2Nd

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • URLs

    xlm40.dropper: https://skill.fashion/wp-data.php

    xlm40.dropper: https://syracuse.best/wp-data.php

Targets

    • Target

      a1478312f998fd85937a339e726e2493

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
