General

  • Target

    913332fe65ad2756918734b77908f73e7f9581fc71355d323d6de0779da194f2

  • Size

    94KB

  • Sample

    241111-vq696svqgk

  • MD5

    3c18fae1751c58d0cc4d6fd34a593be1

  • SHA1

    b1da95205fee4de39a1eb6d2a9c454d8dbab96e4

  • SHA256

    913332fe65ad2756918734b77908f73e7f9581fc71355d323d6de0779da194f2

  • SHA512

    3ccdb9f954bf079842930a296a6d77d0fcc2d7146eab22e6c57fc73d2c2e952332b1a49691ae221987becbe46c42646e4ac533a8aa358ca2370507569a8c200f

  • SSDEEP

    1536:JsKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgSUZx6FyxC3YGbl7BgWDFsqtNhWmDJdWB:6Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dg5

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://bosny.com/aspnet_client/NGTx1FUzq/

xlm40.dropper

https://www.berekethaber.com/hatax/c7crGdejW4380ORuxqR/

xlm40.dropper

https://bulldogironworksllc.com/temp/BBh5HHpei/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
