General

  • Target

    24bfcf40481a94be4d8d7b4be0de3a2deba92a6110ffd166dc95e84f994872d1

  • Size

    44KB

  • Sample

    240913-gaz92axdnh

  • MD5

    b91ed1dc82b321987366b814204d4609

  • SHA1

    b7c612c7f69dd27a56d132cd4935b528616a52aa

  • SHA256

    24bfcf40481a94be4d8d7b4be0de3a2deba92a6110ffd166dc95e84f994872d1

  • SHA512

    5ae423d9caeb29499948e1380d1a4c4ffd92788f0fa2740fe47a3d91b81705c995847b28d7e2c9e2e8768a3bd5f09f09fe377a8411c8620e5ec865c0ad02ea8a

  • SSDEEP

    768:fPXk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJWL6uShYUQgcUcwWNvW1Tpl3Zex:XXk3hbdlylKsgqopeJBWhZFGkE+cL2N1

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source / URLs

    xlm40.dropper    https://gogaurav.com/lkcvjw.php
    xlm40.dropper    https://wfduino.com/pcwblt.php
    xlm40.dropper    https://susansquires.com/2014-style2.php
    xlm40.dropper    https://animalbliss.com/xmlpl.php

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
