General

  • Target

    b0b1e8b09fc00ac787f4af167c3bddc3

  • Size

    35KB

  • Sample

    240303-3tbxfacf95

  • MD5

    b0b1e8b09fc00ac787f4af167c3bddc3

  • SHA1

    b1b6325c96c0d2664a71525242f63d0e125f7d30

  • SHA256

    b4251120577d1024148345700f001c146947d40d5b747dfafb0504ff44500453

  • SHA512

    5f1b9dd9715e8829ce6cca7f260d6b35bf6a59ff75a1d8a3480dfe9ea5ec1c43a6a3e7b445ecc04995ae1ad5f9d3a8d32f7093054b911f56d4ac641f83f9df43

  • SSDEEP

    768:fPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJnCEfjDFIJWdcVBZAVmOUzg0:Xok3hbdlylKsgqopeJBWhZFGkE+cL2Nz

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://syracuse.best/wp-data.php

Targets

    • Target

      b0b1e8b09fc00ac787f4af167c3bddc3

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
