0b01ad1e76acf696ca23789e91e29978edcc7ff784a1c918fef40be735a673f8 | Triage

Sharing

General

Target

c360697909a7d7fcd03351e7faf210b0
Size

36KB
Sample

240312-ppdnksaf78
MD5

c360697909a7d7fcd03351e7faf210b0
SHA1

bf376ca45606669ec2424fab2b78c6dde60aee20
SHA256

0b01ad1e76acf696ca23789e91e29978edcc7ff784a1c918fef40be735a673f8
SHA512

0690cbe013dbd704fb9f7c19b9271c61018fe34e2c648a2ae9887a966284c342117e6065c56372b87c72c9061062d4bdefd6b7b0daeafd9fe92f683e373823a5
SSDEEP

768:cPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJQZWqUQQSneu/lc:Iok3hbdlylKsgqopeJBWhZFGkE+cL2Ns

Score

10^/10

macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://markens.online/wp-data.php

Targets

- Target
  
  c360697909a7d7fcd03351e7faf210b0
- Size
  
  36KB
- MD5
  
  c360697909a7d7fcd03351e7faf210b0
- SHA1
  
  bf376ca45606669ec2424fab2b78c6dde60aee20
- SHA256
  
  0b01ad1e76acf696ca23789e91e29978edcc7ff784a1c918fef40be735a673f8
- SHA512
  
  0690cbe013dbd704fb9f7c19b9271c61018fe34e2c648a2ae9887a966284c342117e6065c56372b87c72c9061062d4bdefd6b7b0daeafd9fe92f683e373823a5
- SSDEEP
  
  768:cPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJQZWqUQQSneu/lc:Iok3hbdlylKsgqopeJBWhZFGkE+cL2Ns
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2