General

  • Target

    a154ff9f127e9e0e73d13b31c639158f835716edaa2c9382bf3c9cc04c251370

  • Size

    217KB

  • Sample

    241111-wq6jbatajr

  • MD5

    e91cd139e7212ac5b2ce57ed726ea13a

  • SHA1

    e935c06898b6815ad36e9d139e8c67768ed7a2c6

  • SHA256

    a154ff9f127e9e0e73d13b31c639158f835716edaa2c9382bf3c9cc04c251370

  • SHA512

    c138ed8048b14a46e98cc5b57883147995570ff096cc61c54180927710bea9a132f87f992ebfcbc57d9883179ad190ac06afe269b5b23a0c4dcac283730dbedf

  • SSDEEP

    6144:OKpb8rGYrMPe3q7Q0XV5xtuEsi8/dgIyY+TAQXTHGUMEyP5p6f5jQmG:bbGUMVWlbG

Score
10/10

Malware Config

Extracted

Language: xlm4.0

Source          URLs
xlm40.dropper   http://cursosinterativos.com.br/semprichickoff2/pEl/
xlm40.dropper   http://mulmatdol.com/adm/Fa/
xlm40.dropper   http://www.tugarden.com/docs/csv_import/rf6bMPAtbBPiDK/
xlm40.dropper   http://www.darularqompatean.com/asq/IcVMFfwR65Yf8fMd5G/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
