General

  • Target

    b9f83ad918d4f735b5cb4bf504719d4f

  • Size

    36KB

  • Sample

    240307-3sp3nshe84

  • MD5

    b9f83ad918d4f735b5cb4bf504719d4f

  • SHA1

    3a00a5c20f15c7bd769984547500fadc8bdd07e0

  • SHA256

    6960e7e7fcb76daad397f19738b82b6d4b7167faca5a71407c1fe7a2dd8870f0

  • SHA512

    c6aafd0ab3b1caa3c9219a08ffd6276ffafbcb38470a526980c91047f9f4d2611b57d86415bf7f7e2215296bfdbbec76a99146e224731d1be9123980678623c7

  • SSDEEP

    768:9PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJqZzbDukY0QJdWf1Yv30dXy8h:1ok3hbdlylKsgqopeJBWhZFGkE+cL2NB

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper

    https://syracuse.best/wp-data.php

    xlm40.dropper

    https://skill.fashion/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
