General

  • Target

    a52ebc49179a9b4f701f8e926b48dd47

  • Size

    36KB

  • Sample

    240226-cnmtmsba7s

  • MD5

    a52ebc49179a9b4f701f8e926b48dd47

  • SHA1

    6b2e0f47a35093d84996170fb4b447e991fd1521

  • SHA256

    37944271d8224e6be37a9a9f5bb8407f18f8a26d9a296ffc64de72498f6cf5ee

  • SHA512

    ed2e645472bf5146d80ca84d2b4b45537b78e8b8184fbd7ac3490e271d8953d99ecbc9459c8c10a17b11f8129cf91a10ae3c6350edeed7e4d85ab737e96a916d

  • SSDEEP

    768:KPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJutpMpEG6c6q1nQ:eok3hbdlylKsgqopeJBWhZFGkE+cL2Nt

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://markens.online/wp-data.php

xlm40.dropper

https://statedauto.com/wp-data.php

Targets

    • Target

      a52ebc49179a9b4f701f8e926b48dd47

    • Size

      36KB

    • MD5

      a52ebc49179a9b4f701f8e926b48dd47

    • SHA1

      6b2e0f47a35093d84996170fb4b447e991fd1521

    • SHA256

      37944271d8224e6be37a9a9f5bb8407f18f8a26d9a296ffc64de72498f6cf5ee

    • SHA512

      ed2e645472bf5146d80ca84d2b4b45537b78e8b8184fbd7ac3490e271d8953d99ecbc9459c8c10a17b11f8129cf91a10ae3c6350edeed7e4d85ab737e96a916d

    • SSDEEP

      768:KPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJutpMpEG6c6q1nQ:eok3hbdlylKsgqopeJBWhZFGkE+cL2Nt

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15

Tasks