18de59ab0a7a7a97ed10d758ba1b7edf5b16e3e9e1cdb1666c2b8b48516238b8 | Triage

Sharing

General

Target

18de59ab0a7a7a97ed10d758ba1b7edf5b16e3e9e1cdb1666c2b8b48516238b8
Size

95KB
Sample

241120-12cslatgkf
MD5

bbaafdac247e6552e7784ef812d7df72
SHA1

2431d65c7340e39df1f2af32db3e179cd701967a
SHA256

18de59ab0a7a7a97ed10d758ba1b7edf5b16e3e9e1cdb1666c2b8b48516238b8
SHA512

36f5baea0c88998282045d7ab0e7578840d533d8f26b82d051575358d0a36fb1794077a89a1dc14ad3fe4cd56a047f873802520eea7ab139030da64f74e482d0
SSDEEP

1536:gFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg0yHuS4hcTO97v7UYdEJmAb:GKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgD

Score

10^/10

discovery macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://f5ajans.com/merthel/vvWRK/KVVGB6o7SPoorfaI/

xlm40.dropper

http://emett.com/images/kk2l4zoRKwv2vIEK/

xlm40.dropper

https://www.duinrand-s.nl/Nieuws/S9Y8DumfrBU1r5unO/

xlm40.dropper

http://galileuconcursos.com.br/wp-admin/Pt8VGg/

Targets

- Target
  
  18de59ab0a7a7a97ed10d758ba1b7edf5b16e3e9e1cdb1666c2b8b48516238b8
- Size
  
  95KB
- MD5
  
  bbaafdac247e6552e7784ef812d7df72
- SHA1
  
  2431d65c7340e39df1f2af32db3e179cd701967a
- SHA256
  
  18de59ab0a7a7a97ed10d758ba1b7edf5b16e3e9e1cdb1666c2b8b48516238b8
- SHA512
  
  36f5baea0c88998282045d7ab0e7578840d533d8f26b82d051575358d0a36fb1794077a89a1dc14ad3fe4cd56a047f873802520eea7ab139030da64f74e482d0
- SSDEEP
  
  1536:gFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg0yHuS4hcTO97v7UYdEJmAb:GKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgD
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2