General

  • Target

    b145e092d1f845fe7d49e080568ac2ce

  • Size

    158KB

  • Sample

    240304-fl1jhaad8y

  • MD5

    b145e092d1f845fe7d49e080568ac2ce

  • SHA1

    599c4e668ed877e7fa4997895cb2fc3ec1c579b8

  • SHA256

    99d0142bd89e68940d71a22121b0cd853a0c6babc07faa71baa0bcb168cb7a85

  • SHA512

    78c473f615f0e53b9dac241e0e25bf51f97fa6513dc9800830a1c0a4335064f5bcb18ea271d0ba4a7e43d2538e36239030ffef1edd022f7e4688e2ffc5c7016f

  • SSDEEP

    3072:lHlTkdm3bGeAxidxVymd1xXPMU9VlUBWA6CFvA7bRCxAVIKKNB:lFTkeGKdxVyWxfMU3liWA6FsYq

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://biopaten.no/xeBP8Oj5/gg.html

xlm40.dropper

https://beartoothkawasaki.com/QJT19jhtwHt/gg.html

Targets

    • Target

      b145e092d1f845fe7d49e080568ac2ce

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
