General

  • Target

    f05389f09d98c24eb86e98ca85a07ce26e6f9f5ad8e1ea03321cfb9ad5835c34

  • Size

    94KB

  • Sample

    241111-w658gssnav

  • MD5

    51c9baa4def77435ae654e43be41eacb

  • SHA1

    825e0d15247d075b31ab710be042040cffa802a8

  • SHA256

    f05389f09d98c24eb86e98ca85a07ce26e6f9f5ad8e1ea03321cfb9ad5835c34

  • SHA512

    55f6695f9b52ed403f30d2818122a1de345efb4870bac2b19e34be71280a0f556a043ffdb9eee7826d7a44c67ae36be4ff16f14e00aac91035f32da2962f6336

  • SSDEEP

    1536:JsKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgSUZx6FyxC3YGbl7BgWDFsqtNhWmDJdWh:6Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgZ

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://bosny.com/aspnet_client/NGTx1FUzq/

xlm40.dropper

https://www.berekethaber.com/hatax/c7crGdejW4380ORuxqR/

xlm40.dropper

https://bulldogironworksllc.com/temp/BBh5HHpei/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
