General

  • Target

    1c87047a8489602ebdd5732945136eac11c582c556afe9673bee5a55f18a2e69

  • Size

    95KB

  • Sample

    241111-t9pc2avmgn

  • MD5

    1c2d14862a2cf6505aeb0327233edd84

  • SHA1

    a7b723514e366ed4f76a6fdf3b663740e7ee26f5

  • SHA256

    1c87047a8489602ebdd5732945136eac11c582c556afe9673bee5a55f18a2e69

  • SHA512

    9713a06bda8672e359eb376384a9d307d4788f1789e4357ee23ea18152d2451c2f13a7fe889a338315e19a48a81eeff1951e4fc07edc7cd56c20d151071cee09

  • SSDEEP

    1536:UkKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgNHuS4hcTO97v7UYdEJmp:bKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgE

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://fikti.bem.gunadarma.ac.id/SDM/YH8OJ1Zz8miBX/

xlm40.dropper

http://ebuysa.co.za/yt-assets/yZ30/

xlm40.dropper

http://3dstudioa.com.br/files/1ubPAB/

xlm40.dropper

http://boardmart.co.za/images/DvMHPbTLn/

Targets

    • Target

      1c87047a8489602ebdd5732945136eac11c582c556afe9673bee5a55f18a2e69

    • Size

      95KB

    • MD5

      1c2d14862a2cf6505aeb0327233edd84

    • SHA1

      a7b723514e366ed4f76a6fdf3b663740e7ee26f5

    • SHA256

      1c87047a8489602ebdd5732945136eac11c582c556afe9673bee5a55f18a2e69

    • SHA512

      9713a06bda8672e359eb376384a9d307d4788f1789e4357ee23ea18152d2451c2f13a7fe889a338315e19a48a81eeff1951e4fc07edc7cd56c20d151071cee09

    • SSDEEP

      1536:UkKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgNHuS4hcTO97v7UYdEJmp:bKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgE

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15

Tasks