2894c9f9a0229b8cbdfa648cf9adae37bd4a368246ea1c8f6ee52474ab8dcb7b | Triage

Sharing

General

Target

2894c9f9a0229b8cbdfa648cf9adae37bd4a368246ea1c8f6ee52474ab8dcb7b
Size

95KB
Sample

241120-kqkfasvjaz
MD5

d3a7eea9067d150a926e5230d73af6bd
SHA1

a66fb70632c243ab4b5acb4e260392910a541288
SHA256

2894c9f9a0229b8cbdfa648cf9adae37bd4a368246ea1c8f6ee52474ab8dcb7b
SHA512

a0a8f6c3702bd7c5d7c6ae83fee98e2a652b5802d053740e19f97ef1618c988cb5576f2ab435d9005c523416d04a6703dd5effee932b65c79a54fc5f08c01dc0
SSDEEP

1536:iFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg1HuS4hcTO97v7UYdEJmSCg+:cKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgq

Score

10^/10

discovery macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://francite.net/images/XI7zS0X1nY/

xlm40.dropper

https://cointrade.world/receipts/Sa6fYJpecEVqiRf05/

xlm40.dropper

http://gedebey-tvradio.info/wp-includes/nOmdPyUpDB/

xlm40.dropper

http://haircutbar.com/cgi-bin/SpJT9OKPmUpJfkGqv/

Targets

- Target
  
  2894c9f9a0229b8cbdfa648cf9adae37bd4a368246ea1c8f6ee52474ab8dcb7b
- Size
  
  95KB
- MD5
  
  d3a7eea9067d150a926e5230d73af6bd
- SHA1
  
  a66fb70632c243ab4b5acb4e260392910a541288
- SHA256
  
  2894c9f9a0229b8cbdfa648cf9adae37bd4a368246ea1c8f6ee52474ab8dcb7b
- SHA512
  
  a0a8f6c3702bd7c5d7c6ae83fee98e2a652b5802d053740e19f97ef1618c988cb5576f2ab435d9005c523416d04a6703dd5effee932b65c79a54fc5f08c01dc0
- SSDEEP
  
  1536:iFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg1HuS4hcTO97v7UYdEJmSCg+:cKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgq
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2