General

  • Target

    a177437bc4d09885083e24a32db740b1

  • Size

    35KB

  • Sample

    240224-kywtasfc33

  • MD5

    a177437bc4d09885083e24a32db740b1

  • SHA1

    656fcb4531cd5faeea3427840794e7741a661c90

  • SHA256

    d6d5f8738cd654030dc68d65da9f20565dffd60ed0936b2c1aa1879bf09348cc

  • SHA512

    881e40fa0bdd15e7fcc37e3000294d134a3d2a6d0e6ab000bef1a51819606bb58357283666e1e23d566cfd5ddf1a39ab142b8e6721957e1e82f9c317c3da73cf

  • SSDEEP

    768:PPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ/sBx1GFlvkOB:nok3hbdlylKsgqopeJBWhZFGkE+cL2NQ

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://syracuse.best/wp-data.php

xlm40.dropper

https://skill.fashion/wp-data.php

Targets

    • Target

      a177437bc4d09885083e24a32db740b1

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
