70c47e1e5501f9e7ea198b92f606f686520437ba8413cb4b13ac16a337fee4b8 | Triage

Sharing

General

Target

70c47e1e5501f9e7ea198b92f606f686520437ba8413cb4b13ac16a337fee4b8
Size

217KB
Sample

241120-m77m9szqfm
MD5

4710a2d8a3e73de46c806752074c00da
SHA1

abb83d1792978371aaf33537b658a6fede86a9f4
SHA256

70c47e1e5501f9e7ea198b92f606f686520437ba8413cb4b13ac16a337fee4b8
SHA512

f87d22a8eef5af35c74dc9565155e7a3243b578563cfb1b9b0b264a6132ac5582f853a89ad163338bc6a985706c084a8fddd5d9341c74fc1cb09ea39a13c9f4c
SSDEEP

6144:zKpb8rGYrMPe3q7Q0XV5xtuEsi8/dglyY+TAQXTHGUMEyP5p6f5jQm7FnT:1bGUMVWlbt

Score

10^/10

discovery macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://app.clubdedocentes.com/storage/DCcq9ekgH99sI/

xlm40.dropper

http://linhkiendoc.com/app/payments/qoy5JqpLqrbsKl/

xlm40.dropper

http://sourcecool.com/throng/iOD/

xlm40.dropper

http://www.stickers-et-deco.com/Adapter/lYw/

Targets

- Target
  
  70c47e1e5501f9e7ea198b92f606f686520437ba8413cb4b13ac16a337fee4b8
- Size
  
  217KB
- MD5
  
  4710a2d8a3e73de46c806752074c00da
- SHA1
  
  abb83d1792978371aaf33537b658a6fede86a9f4
- SHA256
  
  70c47e1e5501f9e7ea198b92f606f686520437ba8413cb4b13ac16a337fee4b8
- SHA512
  
  f87d22a8eef5af35c74dc9565155e7a3243b578563cfb1b9b0b264a6132ac5582f853a89ad163338bc6a985706c084a8fddd5d9341c74fc1cb09ea39a13c9f4c
- SSDEEP
  
  6144:zKpb8rGYrMPe3q7Q0XV5xtuEsi8/dglyY+TAQXTHGUMEyP5p6f5jQm7FnT:1bGUMVWlbt
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2