General

  • Target

    b7d881bdc1361b0b1457a58415ce8d26

  • Size

    35KB

  • Sample

    240306-twragadc3z

  • MD5

    b7d881bdc1361b0b1457a58415ce8d26

  • SHA1

    d7ec09c4a122a837b11d839cb1982ec36d853e79

  • SHA256

    06e7078eb216bb297940c99aa80d05af563ff562739eaae8959dafdf1a89aa0a

  • SHA512

    88ea5ac6f1d03c8f1b608aaed2068369cbeb38fb52c41e272f34809ae798f388779a696a62c456081159971607b0528479b687b33f4b6be37a56f624c83e149f

  • SSDEEP

    768:6PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJXyDCIKFFSV1gnlGx790:uok3hbdlylKsgqopeJBWhZFGkE+cL2NK

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper: https://syracuse.best/wp-data.php

    xlm40.dropper: https://skill.fashion/wp-data.php

Targets

    • Target

      b7d881bdc1361b0b1457a58415ce8d26

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
