General

  • Target

    f0c302518e1410ecb0a36c3c1df837bc18b080012eb2896ebfa423dd18a48365

  • Size

    91KB

  • Sample

    241111-wmp26ashmn

  • MD5

    3c2f522e2473f9a6bb3f844912665604

  • SHA1

    a609bec484b38388132fbc3a7c6bdd9c152a6999

  • SHA256

    f0c302518e1410ecb0a36c3c1df837bc18b080012eb2896ebfa423dd18a48365

  • SHA512

    0d8265c9a2523b4c49851138b311ca439f4a6efbf5870d87fa56156a2546901c2582eeb629cd0754cc697926e5a82960e7869150a87ead82e47ad75207310fef

  • SSDEEP

    1536:vKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgHbCXuZH4gb4CEn9J4ZnX5:vKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg9

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://datie-tw.com/img/O8G0RDZj7MYCuJyPoP/

xlm40.dropper

http://sbm.xinmoshiwang.com/upload/VaOfWEb3pW76UO/

xlm40.dropper

https://copunupo.ac.zm/cgi-bin/WFFcGx/

xlm40.dropper

http://ly.yjlianyi.top/wp-admin/4cChao/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
