General

  • Target

    2b47d6bcc400641e59164ae91722c1a9a777fae89cc46d06787262ce19a8f3ed

  • Size

    95KB

  • Sample

    241120-1vgszatqhv

  • MD5

    136e97e14028fe665b5b5384d5700acf

  • SHA1

    ce52a1c566ceabf465c650976a5b452b151c55b8

  • SHA256

    2b47d6bcc400641e59164ae91722c1a9a777fae89cc46d06787262ce19a8f3ed

  • SHA512

    58cad3ebc3c1e4585bde0cc2e90037428364e1ba31657bc8e8e590af94f6344a1b5b5da877fc5e0a8426ed0cba348de7453bf6cc3b7bbebba5b07dcde32c9bc9

  • SSDEEP

    1536:hFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgg5HuS4hcTO97v7UYdEJmer:7Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dg+

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper: http://zonainformatica.es/aspnet_client/n0ULlfoAHHQh9tagckL/

    xlm40.dropper: https://napolni.me/3r/ILq7TqCUS/

    xlm40.dropper: http://sigratech.de/career/sRpMMHief7H/

    xlm40.dropper: http://webbandi.hu/image/Ifm98UCtROXr/

Targets

    • Target

      2b47d6bcc400641e59164ae91722c1a9a777fae89cc46d06787262ce19a8f3ed

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
