General

  • Target

    1bf91913a78a65c10c5bb61a8a4c92e6b68bbc10b0851c5275b9886aae9acfda

  • Size

    83KB

  • Sample

    240830-14v2ysyepd

  • MD5

    c2387929be8ef7e965e02d7b8a57b1b8

  • SHA1

    eed9c4a75000a59a48956b6c76484d1bc64d94a8

  • SHA256

    1bf91913a78a65c10c5bb61a8a4c92e6b68bbc10b0851c5275b9886aae9acfda

  • SHA512

    caeb0337d9c7fc28d5c4bc6c0b3ea634b04175594e4d9cfa483a8f1ccfbeeb70e79c95d344f9b44d927e6bf6bfa6a63548b24a5328de7e2702dbf6f8be975767

  • SSDEEP

    1536:F5Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgv91vrVmxJiME2GhdD52lZPFu1AOg/+tl:rKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgb

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://cabalasgov.com.br/OC3zbnSCG/j.html

xlm40.dropper

https://guatec.com.br/NwnJ4ODx/j.html

xlm40.dropper

https://site.advancertv.com/VbUzCCQo/j.html

Targets

    • Target

      1bf91913a78a65c10c5bb61a8a4c92e6b68bbc10b0851c5275b9886aae9acfda

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
