General

  • Target

    3becfd6769e643cce73f1773cf70cd661c4abec3e67146df7e9346622ca26cdf

  • Size

    95KB

  • Sample

    241111-vacqma1hpj

  • MD5

    1cf634cc61def7409dd73ce1410e19ae

  • SHA1

    aec35cd15fb31b55d0b7569d6a63c61e4c91241f

  • SHA256

    3becfd6769e643cce73f1773cf70cd661c4abec3e67146df7e9346622ca26cdf

  • SHA512

    3e56b4a79ab621e12385accd0e0fd07c020bf2445788a334ea53dbbbdcf69647f95f24326e346921be8f1f03077bc399e9ddbbf5a35e204f00316b165bad3b97

  • SSDEEP

    1536:PFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgPHuS4hcTO97v7UYdEJmXNHE:tKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgN

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://aysbody.com/catalog/Oax5/

xlm40.dropper

http://www.garantihaliyikama.com/wp-admin/QVvdNIasGj/

xlm40.dropper

https://yoymanajemen.id/wp-content/khXBxIm5/

xlm40.dropper

https://dawtona.dev.goldensystem.pl/wp-admin/EX05554XhKk3ee2cQ/

Targets

    • Target

      3becfd6769e643cce73f1773cf70cd661c4abec3e67146df7e9346622ca26cdf

    • Size

      95KB

    • MD5

      1cf634cc61def7409dd73ce1410e19ae

    • SHA1

      aec35cd15fb31b55d0b7569d6a63c61e4c91241f

    • SHA256

      3becfd6769e643cce73f1773cf70cd661c4abec3e67146df7e9346622ca26cdf

    • SHA512

      3e56b4a79ab621e12385accd0e0fd07c020bf2445788a334ea53dbbbdcf69647f95f24326e346921be8f1f03077bc399e9ddbbf5a35e204f00316b165bad3b97

    • SSDEEP

      1536:PFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgPHuS4hcTO97v7UYdEJmXNHE:tKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgN

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15

Tasks