General

  • Target

    9e69dd5a5434a834ef9ccb5555748a3f4183864a95a1b6a37b61fa3b0c0a626a

  • Size

    46KB

  • Sample

    240911-1qywpavcrp

  • MD5

    1144b58a390bc771651b4aff83e392ba

  • SHA1

    33fab149b63b7fd317a3b5bbbb20482f76ccec56

  • SHA256

    9e69dd5a5434a834ef9ccb5555748a3f4183864a95a1b6a37b61fa3b0c0a626a

  • SHA512

    1bcce3c973f81748522f9b717e4a2aabb9edf9e15489a397694b1ddc88b428b8e26768f792b492508fc4de8c667a7f49bf40adc4692a739b3fc2d1183e902a11

  • SSDEEP

    768:7DMPKpb8rGYrMPe3q7Q0XV5xtezE8vpI8UM+VmQs7iqj/X20eu2e:7YKpb8rGYrMPe3q7Q0XV5xtezE8vG8Uq

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0 (Excel 4.0 macro)

  • URLs (source: xlm40.dropper)

    https://www.yedirenkajans.com/eski/y91J/
    http://yahir-fz.com/joy/ZnIjgkgZ18/
    http://www.wahkiulogistics.com.hk/upload/AvtsILsT00O/

Extracted

  • Language

    xlm4.0 (Excel 4.0 macro)

  • URLs (source: xlm40.dropper)

    https://www.yedirenkajans.com/eski/y91J/
    http://yahir-fz.com/joy/ZnIjgkgZ18/

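The dropper URLs above are the actionable part of this report. The script below is an added example, not part of the sandbox output: it normalizes the extracted URLs (scheme and case dropped, trailing slash stripped) and matches them against Squid-style proxy access log lines, treating a request for a file beneath one of the dropper directories as a hit and, for CONNECT tunnels where only the host is visible, falling back to a host-only match. The log lines are constructed for illustration; only the three URLs come from the report.

```python
"""Match the extracted XLM 4.0 dropper URLs against proxy access logs.

Added example; not code from the sandbox or the report. The log lines
are constructed. Only DROPPER_URLS is taken from the report.
"""
from urllib.parse import urlsplit

# URLs from the report's extracted config (source: xlm40.dropper).
DROPPER_URLS = [
    "https://www.yedirenkajans.com/eski/y91J/",
    "http://yahir-fz.com/joy/ZnIjgkgZ18/",
    "http://www.wahkiulogistics.com.hk/upload/AvtsILsT00O/",
]

# Constructed Squid native-format lines (ts elapsed client code/status bytes method url ...).
SAMPLE_LOG = """\
1726100001.123    512 10.0.0.15 TCP_MISS/200 1234 GET http://www.yedirenkajans.com/eski/y91J/ - HIER_DIRECT/203.0.113.5 text/html
1726100002.456     40 10.0.0.15 TCP_MISS/200 9876 GET http://yahir-fz.com/joy/ZnIjgkgZ18/payload.dll - HIER_DIRECT/203.0.113.9 application/octet-stream
1726100003.789     20 10.0.0.22 TCP_HIT/200 8000 GET https://www.example.com/index.html - HIER_NONE/- text/html
1726100004.000     30 10.0.0.22 TCP_MISS/200 500 GET http://yahir-fz.com/joy/other/ - HIER_DIRECT/203.0.113.9 text/html
1726100005.000    100 10.0.0.31 TCP_TUNNEL/200 4096 CONNECT www.wahkiulogistics.com.hk:443 - HIER_DIRECT/203.0.113.77 -
"""


def normalize(url: str) -> tuple:
    """Return (host, path) with scheme ignored, host lower-cased and any
    trailing slash removed, so http/https and case variants compare equal."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()
    path = parts.path or "/"
    if len(path) > 1:
        path = path.rstrip("/")
    return host, path


def build_iocs(urls):
    """Set of normalized (host, path) pairs to match against."""
    return {normalize(u) for u in urls}


def match_proxy_log(lines, iocs):
    """Return (client, method, url) for every log line that hits an IOC.

    A GET/POST hits on an exact host+path match or on a request for a file
    under the dropper directory (second-stage payloads are served from
    inside that path). A CONNECT exposes only host:port, so it hits on host.
    """
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 7:
            continue
        client, method, url = fields[2], fields[5], fields[6]
        if method == "CONNECT":
            host, path = url.rsplit(":", 1)[0].lower(), None
        else:
            host, path = normalize(url)
        for ioc_host, ioc_path in iocs:
            if host != ioc_host:
                continue
            if path is None or path == ioc_path or path.startswith(ioc_path + "/"):
                hits.append((client, method, url))
                break
    return hits


if __name__ == "__main__":
    for client, method, url in match_proxy_log(SAMPLE_LOG.splitlines(), build_iocs(DROPPER_URLS)):
        print(f"{client} {method} {url}")
```

Host-only matches on CONNECT lines are weaker evidence than a path match and should be triaged with that in mind, but they are all a TLS-inspecting-free proxy will give you for the one https:// URL in the config.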
Targets

    • Target

      9e69dd5a5434a834ef9ccb5555748a3f4183864a95a1b6a37b61fa3b0c0a626a

    • Size

      46KB

    • MD5

      1144b58a390bc771651b4aff83e392ba

    • SHA1

      33fab149b63b7fd317a3b5bbbb20482f76ccec56

    • SHA256

      9e69dd5a5434a834ef9ccb5555748a3f4183864a95a1b6a37b61fa3b0c0a626a

    • SHA512

      1bcce3c973f81748522f9b717e4a2aabb9edf9e15489a397694b1ddc88b428b8e26768f792b492508fc4de8c667a7f49bf40adc4692a739b3fc2d1183e902a11

    • SSDEEP

      768:7DMPKpb8rGYrMPe3q7Q0XV5xtezE8vpI8UM+VmQs7iqj/X20eu2e:7YKpb8rGYrMPe3q7Q0XV5xtezE8vG8Uq

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro. Since xlm4.0 is the Excel 4.0 macro language, the parent to watch for this sample is the Office process that opened the document.
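The signature above is the sandbox's view of the behaviour; the same logic is easy to run on endpoint telemetry. The script below is an added example, not code from the sandbox or the report: it reads Sysmon Event ID 1 style process-creation records as JSON lines and flags children of Office hosts, rating known script and LOLBin children "high" and any other non-baselined child "medium". The events are constructed, and the parent, allow and suspicious sets are assumptions to tune to your own environment.

```python
"""Detect an Office process spawning an unexpected child (Sysmon Event ID 1).

Added example; not the sandbox's signature code. Events below are
constructed, and the three process sets are assumed baselines.
"""
import json
import ntpath

# Office hosts that should not spawn script interpreters or LOLBins (assumed).
OFFICE_PARENTS = {"excel.exe", "winword.exe", "powerpnt.exe", "outlook.exe"}
# Children seen in benign Office use (assumed baseline; extend per environment).
ALLOWED_CHILDREN = {"splwow64.exe", "dw20.exe", "werfault.exe"}
# Children that almost always mean a macro or exploit has run (assumed).
SUSPICIOUS_CHILDREN = {
    "cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe",
    "mshta.exe", "regsvr32.exe", "rundll32.exe", "certutil.exe",
}

# Constructed Sysmon-like records, one JSON object per line.
SAMPLE_EVENTS = r"""
{"EventID": 1, "ParentImage": "C:\\Program Files\\Microsoft Office\\root\\Office16\\EXCEL.EXE", "Image": "C:\\Windows\\System32\\regsvr32.exe", "CommandLine": "regsvr32 /s C:\\Users\\u\\AppData\\Local\\Temp\\stage.dll", "User": "LAB\\u"}
{"EventID": 1, "ParentImage": "C:\\Program Files\\Microsoft Office\\root\\Office16\\EXCEL.EXE", "Image": "C:\\Windows\\splwow64.exe", "CommandLine": "splwow64.exe 12288", "User": "LAB\\u"}
{"EventID": 1, "ParentImage": "C:\\Windows\\explorer.exe", "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "CommandLine": "powershell.exe", "User": "LAB\\u"}
{"EventID": 1, "ParentImage": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE", "Image": "C:\\Program Files\\Vendor\\updater.exe", "CommandLine": "updater.exe /check", "User": "LAB\\u"}
"""


def classify(event: dict):
    """Severity for one process-creation event, or None if not of interest."""
    # ntpath handles Windows paths regardless of the host OS running this script.
    parent = ntpath.basename(event.get("ParentImage", "")).lower()
    child = ntpath.basename(event.get("Image", "")).lower()
    if parent not in OFFICE_PARENTS or child in ALLOWED_CHILDREN:
        return None
    return "high" if child in SUSPICIOUS_CHILDREN else "medium"


def scan(lines):
    """Return an alert dict for every event that classify() rates."""
    alerts = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed records rather than abort the scan
        severity = classify(event)
        if severity is None:
            continue
        alerts.append({
            "severity": severity,
            "parent": ntpath.basename(event["ParentImage"]).lower(),
            "child": ntpath.basename(event["Image"]).lower(),
            "command_line": event.get("CommandLine", ""),
            "user": event.get("User", ""),
        })
    return alerts


if __name__ == "__main__":
    for alert in scan(SAMPLE_EVENTS.splitlines()):
        print(f"[{alert['severity']}] {alert['parent']} -> {alert['child']}: {alert['command_line']}")
```

The "medium" tier exists because allowlists are never complete: an unknown child of excel.exe is worth a look even when it is not a classic LOLBin, and the first few weeks of running this will mostly be spent promoting legitimate updaters and add-ins into ALLOWED_CHILDREN.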

MITRE ATT&CK Enterprise v15

Tasks