General

  • Target

    a75e86f3618dae1ba2221303f6f1f0b6

  • Size

    36KB

  • Sample

    240226-z336hagf9x

  • MD5

    a75e86f3618dae1ba2221303f6f1f0b6

  • SHA1

    aaa293a28e19772b2cf74e0bbe57c12e38d6e2e5

  • SHA256

    29b8f19ce18883087dd2fee413af6c6f63afa3ef6da747e3ea2a2920cbbe654e

  • SHA512

    1b6d5a4c6cdbbfedd2ef38e90f3c48259ad090dcb2a1e8db259a758b8e5d3ce146e57e295a3a7c4b18b893b50aeea5b8b080813ec4488601eaed86c61203c6d3

  • SSDEEP

    768:JPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ3xl1MaC/jP8n6:Bok3hbdlylKsgqopeJBWhZFGkE+cL2Nj

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://skill.fashion/wp-data.php

xlm40.dropper

https://syracuse.best/wp-data.php

Targets

    • Target

      a75e86f3618dae1ba2221303f6f1f0b6

    • Size

      36KB

    • MD5

      a75e86f3618dae1ba2221303f6f1f0b6

    • SHA1

      aaa293a28e19772b2cf74e0bbe57c12e38d6e2e5

    • SHA256

      29b8f19ce18883087dd2fee413af6c6f63afa3ef6da747e3ea2a2920cbbe654e

    • SHA512

      1b6d5a4c6cdbbfedd2ef38e90f3c48259ad090dcb2a1e8db259a758b8e5d3ce146e57e295a3a7c4b18b893b50aeea5b8b080813ec4488601eaed86c61203c6d3

    • SSDEEP

      768:JPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ3xl1MaC/jP8n6:Bok3hbdlylKsgqopeJBWhZFGkE+cL2Nj

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15

Tasks