General

  • Target

    4e59716215358b1963af87001f4b9c2965b20270a981f0815c8deb1093c22bbb

  • Size

    95KB

  • Sample

    241120-xqf44a1pew

  • MD5

    3353a4b9d5935314092349910e762df0

  • SHA1

    66ebeb8e6ca50ce7009e00e7afa062b12f25240e

  • SHA256

    4e59716215358b1963af87001f4b9c2965b20270a981f0815c8deb1093c22bbb

  • SHA512

    0b8c7b4d9672d70024d0d36b2600dff601d52631c7e79bf7fae84ae24593e4c25521d0f04f5596c5a256f7ff6be97b12bc2cf1e7c9334498c9ba6f19e8020afe

  • SSDEEP

    1536:UkKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgNHuS4hcTO97v7UYdEJmJ:bKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgk

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source URLs (all tagged xlm40.dropper)

    https://fikti.bem.gunadarma.ac.id/SDM/YH8OJ1Zz8miBX/
    http://ebuysa.co.za/yt-assets/yZ30/
    http://3dstudioa.com.br/files/1ubPAB/
    http://boardmart.co.za/images/DvMHPbTLn/

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
