General

  • Target

    b863a44ddc34320fde316dd5524958a3

  • Size

    36KB

  • Sample

    240307-lcdk9sgb44

  • MD5

    b863a44ddc34320fde316dd5524958a3

  • SHA1

    f2087fc8eb7a9a5d766808ea96f509928e0d04ba

  • SHA256

    da84306a38bb473e2e94662c38cc3513226ae677682a29a8ce26fdd2c701ec6e

  • SHA512

    5eead5095945ace0d25797f8651a0ff631d51d747cabc777f21e348b1acce7af5f58242c24c2b242f8ef562deea09d60227c7bed0ad44bd53fc658cb6af5a191

  • SSDEEP

    768:+PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJNZSaWyoVNz7MduAQsI:Cok3hbdlylKsgqopeJBWhZFGkE+cL2NR

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://markens.online/wp-data.php

xlm40.dropper

https://statedauto.com/wp-data.php

Targets

    • Target

      b863a44ddc34320fde316dd5524958a3

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
