General

  • Target

    606fca5c43d5a2049ae41c0ab0226269b2ac0ab1270339356711ffb961a62601

  • Size

    243KB

  • Sample

    241111-vszccasejb

  • MD5

    079f7765c25286da18b4c36fd8f8eb74

  • SHA1

    0bd70437f96c22bd3107a8c26b0c518e7d715306

  • SHA256

    606fca5c43d5a2049ae41c0ab0226269b2ac0ab1270339356711ffb961a62601

  • SHA512

    9bf9cf19e415cf9421f4e4eb723b9c354ea3419fa3a1905a9c5dc6f91a0e65bda3e45cca6c445c74dcbe8e256c2e85400ebdb61d2d00f2b3b1d08a04efb88d7f

  • SSDEEP

    6144:DKpbdrHYrMue8q7QPX+5xtFEdi8/dg/ThvsiKIjvl5fd1Xh8rsoX/w/0I:ghEXs5fXR8rsNj

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://servidorcarlosydavid.es/wp-admin/jkNPgHxNjF/

xlm40.dropper

https://gmo-sol-p10.heteml.jp/includes/UoJMgYAc1EES/

xlm40.dropper

https://iashanghai.cn/z/Z1PG6ulBh20plss/

xlm40.dropper

https://www.pasionportufuturo.pe/wp-content/HkUfvw0xuCy5/

xlm40.dropper

http://dmdagents.com.au/vqwbgz/CL4Bo4C4VS0deg/

Targets

    • Target

      606fca5c43d5a2049ae41c0ab0226269b2ac0ab1270339356711ffb961a62601

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
