General

  • Target

    a3263f4e77210bf0a0f39ed12d3049a9

  • Size

    36KB

  • Sample

    240225-hmhq7aec48

  • MD5

    a3263f4e77210bf0a0f39ed12d3049a9

  • SHA1

    834ae3ff6c8db2de4f64be516186de2495992461

  • SHA256

    9bb1f72d469a278e65adab8fd1df66dc0bdd883e0f618ad80f8f7a7fb72bfd4d

  • SHA512

    7d2489ddc570fa48d0019723da79d1ee8d9962102191aaa9178d954ede5bdc89075b03549ef36a9d085dabf24f116d9909f8236949eb90c52687b837849444b1

  • SSDEEP

    768:ePqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJolQWdsvL0OIFAL:iok3hbdlylKsgqopeJBWhZFGkE+cL2Nm

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper https://markens.online/wp-data.php

    xlm40.dropper https://statedauto.com/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
