General

  • Target

    a5a1cc89a1819544d3f95b246a11ac24

  • Size

    36KB

  • Sample

    240226-gy6fysfc3w

  • MD5

    a5a1cc89a1819544d3f95b246a11ac24

  • SHA1

    c82d30a9e45beb6351583c0d3973ebd38111671c

  • SHA256

    c3ba2b6e988c39eeedf1c7375e48819de296d791a7f278486efc4176c17f74a0

  • SHA512

    7cbef7bc87c6e1c2e607489110be2b81a2033f3fae050f14293d17e79bf4946547aa7432e264ce41d682b0757903536d2662095ebc5605e570650c0e8d77aa55

  • SSDEEP

    768:nPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJR9d4vVbuUUlND1VMS:Pok3hbdlylKsgqopeJBWhZFGkE+cL2NM

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper
    https://markens.online/wp-data.php

    xlm40.dropper
    https://statedauto.com/wp-data.php

Targets

    • Target

      a5a1cc89a1819544d3f95b246a11ac24

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
