General

  • Target

    b50ff5595a3e47745fe7f7e2b075aa29

  • Size

    36KB

  • Sample

    240305-s4h4dsac6v

  • MD5

    b50ff5595a3e47745fe7f7e2b075aa29

  • SHA1

    a9f5e0bd24a8c0f700466cc533381f66b459a03f

  • SHA256

    754222b22337a25948793e822d262fcf81dc99215e36495f390e73b40a7e059b

  • SHA512

    7bf21d67d15c11dd798aec8579d70bddcd968a5762b64db4991a494e7b8847ff437867b921c2423375d7bd4d814b3b6b57226e79e001d246ee5d8b643dd1df1e

  • SSDEEP

    768:GPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJYmO+5hjjQ/wm5KKU:6ok3hbdlylKsgqopeJBWhZFGkE+cL2NA

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://markens.online/wp-data.php

xlm40.dropper

https://statedauto.com/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
