General

  • Target

    5a4c23f4da40dea29aee9e78ad0bce5c50677d8f240dc32db7ea382f14df9afc

  • Size

    36KB

  • Sample

    240913-f254xswfjl

  • MD5

    7c6cc08832cb9fcefc7c3cc74d7160d3

  • SHA1

    6be9dc48270bb023f06c533d7ef642d37387a033

  • SHA256

    5a4c23f4da40dea29aee9e78ad0bce5c50677d8f240dc32db7ea382f14df9afc

  • SHA512

    4786169980c5c9339937321391ed8d16387e679f3ba2b88aa26aafa3443d7bc7ca972bf073772a65bf8b8999d60787c0239147c88f44a26d5cc48c617d999508

  • SSDEEP

    768:oPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJf63KmlDnNzbFwv8:Eok3hbdlylKsgqopeJBWhZFGkE+cL2NB

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper

    https://syracuse.best/wp-data.php

    xlm40.dropper

    https://skill.fashion/wp-data.php

Targets

    • Target

      5a4c23f4da40dea29aee9e78ad0bce5c50677d8f240dc32db7ea382f14df9afc

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
