General

  • Target

    ae9596a28288fc8958d3c6f116eef4bed826633110e2596b275ea26dfd340372

  • Size

    95KB

  • Sample

    240831-z1k7xawapb

  • MD5

    13c65a57353ded65445a7b551833a22a

  • SHA1

    2a8798ebf7fa406dd15c9a43ff2357914fa8ce77

  • SHA256

    ae9596a28288fc8958d3c6f116eef4bed826633110e2596b275ea26dfd340372

  • SHA512

    40708e8446263c618936e8421f618e7bd9626233878413bd79688a1f051c11807854f80d20f6440d686571fb6df299dc51117d278d843186f3de344c995f0ac6

  • SSDEEP

    1536:hFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgCHuS4hcTO97v7UYdEJm0u:7Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgz

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://www.sunflowerlaboratory.in/fonts/79Tq62ly/

xlm40.dropper

http://dirigent.co.uk/vardagsekonomi/iC36jJ4J1cf/

xlm40.dropper

http://agtrade.hu/images/kiQYmOs2tSKq/

xlm40.dropper

https://www.zachboyle.com/wp-admin/EA470ZrTGNkuA/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
