General

  • Target

    a7838012d6da4266a2d3cdd43c2f3bdc86401f32a8ea135922236142495adac6

  • Size

    36KB

  • Sample

    240226-11zkzaaa2s

  • MD5

    168949f9416edbf1796015eb0d64f979

  • SHA1

    2e61e59497ba45be425dbb58492aa1d050619b45

  • SHA256

    a7838012d6da4266a2d3cdd43c2f3bdc86401f32a8ea135922236142495adac6

  • SHA512

    43aeab5d516d45a4a1928a014e8f14579c0ff7e864fa6fc90640e7039f4ae0cf6f4c8db7ab58b35b74a5f9247911b21cd3377b9d87e7096379f35cfd7949cce7

  • SSDEEP

    768:JPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJO17vty7sYH+ag:Bok3hbdlylKsgqopeJBWhZFGkE+cL2NP

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://syracuse.best/wp-data.php

xlm40.dropper

https://skill.fashion/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
