General

  • Target

    ba24aa24e3bcf5648e6ce0f03e6f9236

  • Size

    36KB

  • Sample

    240308-bk36sacb4y

  • MD5

    ba24aa24e3bcf5648e6ce0f03e6f9236

  • SHA1

    937479e82c0021840c3f16cba1c95f929b309e11

  • SHA256

    c269ff31b0808dbac71053e72125dc7969a8f3cc4d632a2910ce2f65f54b4f89

  • SHA512

    8eeb990a556337712259849ac2c5f0f981a555064f6b655385d826c863f1c0fdf4eea873949f25cb1ab7fc9344854e3c07ab323f8db9fb6022dc802993e2d392

  • SSDEEP

    768:5PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJK+yAJAZouuN2MLBMbM:Rok3hbdlylKsgqopeJBWhZFGkE+cL2N6

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper: https://syracuse.best/wp-data.php

    xlm40.dropper: https://skill.fashion/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
