General

  • Target

    a55bb3424ca85ffc1cd5d6d1a4c0a528

  • Size

    85KB

  • Sample

    240226-ee672acf5z

  • MD5

    a55bb3424ca85ffc1cd5d6d1a4c0a528

  • SHA1

    ef509532276ceeaea6fcc0b9e6de7e7cde0416b4

  • SHA256

    5440cdc56e127bdc373ca62b5c7b183213f626f63bdfeacb3f4851d3a9607bcc

  • SHA512

    4f89ca25762d9f1ce7a1556802d31a6aa4e1656e08e39f5e508867927be1d81baefb57dda4ae78d760e8b1bfca91abc535b76ecfa429e97ff6079d2da340c05f

  • SSDEEP

    1536:UDhVxmyaa15pRxrDK341rDmf5TTlMVGoIahaDHTU6hryF70liWWGH0AeW/:8VIyaa1/rDSOmf92sTU2yF70liWW20k

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

    xlm40.dropper

  • URLs

    http://162.248.227.39/first.php

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15

Tasks