General

  • Target

    b32ec640e52d2675511ef327343e18f3ff07c245c32738b5f82df3241a9d0814

  • Size

    36KB

  • Sample

    240913-f31ktsxanf

  • MD5

    299089cf0875a8b98d6028c11acdbc29

  • SHA1

    0fe156a2f0bfeabfea039f7d059d1372abb8ea36

  • SHA256

    b32ec640e52d2675511ef327343e18f3ff07c245c32738b5f82df3241a9d0814

  • SHA512

    699260e53be7546a76d9c2b4ce938da735ba3041059c953282878a06454b9f490f9eb0dfee519876f5dd4cd46ffc752899c524213e1bc2416acf9aecff972124

  • SSDEEP

    768:rPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJf63KmlDnNzbFwvz:Tok3hbdlylKsgqopeJBWhZFGkE+cL2Nm

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper

    https://syracuse.best/wp-data.php

    xlm40.dropper

    https://skill.fashion/wp-data.php

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
