53f032d40bff8d96054565acac5531fe4ef8c39ca1cf77163faf943124bd1922 | Triage

Sharing

General

Target

53f032d40bff8d96054565acac5531fe4ef8c39ca1cf77163faf943124bd1922
Size

47KB
Sample

241120-pqm9eawfqh
MD5

29f030ba3618bbd0ef1bf728ca271716
SHA1

e468dcf7fbd97088bf05ac3f6a1481d80a8b1a42
SHA256

53f032d40bff8d96054565acac5531fe4ef8c39ca1cf77163faf943124bd1922
SHA512

49a8ce85a8cdfe002581c69007de1c383b4fbbd5525461960ece22ea74468982aada6e559220e2fc254e2eaf79ce2ba5feca2c25492bddc6ad4e5d51af2ced67
SSDEEP

768:4DM52tfQXi8vgLZkTOHkQT51Vp6AwPdM8gQ6JT5X6DGwUdh+pqjeSLjcvLtzrxFm:462tfQXi8vgLZkTOHkQT51Vp6AwPe8gz

Score

10^/10

discovery macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://www.escueladecinemza.com.ar/_installation/IBlj/

Targets

- Target
  
  53f032d40bff8d96054565acac5531fe4ef8c39ca1cf77163faf943124bd1922
- Size
  
  47KB
- MD5
  
  29f030ba3618bbd0ef1bf728ca271716
- SHA1
  
  e468dcf7fbd97088bf05ac3f6a1481d80a8b1a42
- SHA256
  
  53f032d40bff8d96054565acac5531fe4ef8c39ca1cf77163faf943124bd1922
- SHA512
  
  49a8ce85a8cdfe002581c69007de1c383b4fbbd5525461960ece22ea74468982aada6e559220e2fc254e2eaf79ce2ba5feca2c25492bddc6ad4e5d51af2ced67
- SSDEEP
  
  768:4DM52tfQXi8vgLZkTOHkQT51Vp6AwPdM8gQ6JT5X6DGwUdh+pqjeSLjcvLtzrxFm:462tfQXi8vgLZkTOHkQT51Vp6AwPe8gz
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2