a04fb147d885a98405b843401f5b690a025d83e3aaf24bb4cddf8fb9ff245d69 | Triage

Sharing

General

Target

a04fb147d885a98405b843401f5b690a025d83e3aaf24bb4cddf8fb9ff245d69
Size

95KB
Sample

241120-k1deqsyrbk
MD5

00f1524e233399b927f757baa1ed432d
SHA1

ff1a4403e2ca601122d9ff65a4e489910a724b56
SHA256

a04fb147d885a98405b843401f5b690a025d83e3aaf24bb4cddf8fb9ff245d69
SHA512

6fd728d7a9516b188d85e42616ed3363a71b3bbcaf9edb6749670c9e6c0114293fcf2f654df34ab785be4db5ff29ddc07ffa86597a7b996ec0686a4821ce53e0
SSDEEP

1536:iFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg1HuS4hcTO97v7UYdEJmSC8+:cKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgW

Score

10^/10

discovery macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://francite.net/images/XI7zS0X1nY/

xlm40.dropper

https://cointrade.world/receipts/Sa6fYJpecEVqiRf05/

xlm40.dropper

http://gedebey-tvradio.info/wp-includes/nOmdPyUpDB/

xlm40.dropper

http://haircutbar.com/cgi-bin/SpJT9OKPmUpJfkGqv/

Targets

- Target
  
  a04fb147d885a98405b843401f5b690a025d83e3aaf24bb4cddf8fb9ff245d69
- Size
  
  95KB
- MD5
  
  00f1524e233399b927f757baa1ed432d
- SHA1
  
  ff1a4403e2ca601122d9ff65a4e489910a724b56
- SHA256
  
  a04fb147d885a98405b843401f5b690a025d83e3aaf24bb4cddf8fb9ff245d69
- SHA512
  
  6fd728d7a9516b188d85e42616ed3363a71b3bbcaf9edb6749670c9e6c0114293fcf2f654df34ab785be4db5ff29ddc07ffa86597a7b996ec0686a4821ce53e0
- SSDEEP
  
  1536:iFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg1HuS4hcTO97v7UYdEJmSC8+:cKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgW
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2