General

  • Target

    07b7604fcf0c4c8e048338fa4c582908512a4873656e341d115b4a711f865382

  • Size

    94KB

  • Sample

    241120-xx2z5s1qez

  • MD5

    c724ab3610b9976007d8767a8bd40db2

  • SHA1

    c7be66c40f06601ec89a3f7efe25f37792eae492

  • SHA256

    07b7604fcf0c4c8e048338fa4c582908512a4873656e341d115b4a711f865382

  • SHA512

    76985314499152107c816ba78f9d62f22d1bc988c810d8bce78a2b2a1a34a460e83578b7d740f675dc4aedcc526419bec7e1cfaea9a6eef7cd8c2972a329f372

  • SSDEEP

    1536:JsKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgSUZx6FyxC3YGbl7BgWDFsqtNhWmDJdWB:6Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dg5

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://bosny.com/aspnet_client/NGTx1FUzq/

xlm40.dropper

https://www.berekethaber.com/hatax/c7crGdejW4380ORuxqR/

xlm40.dropper

https://bulldogironworksllc.com/temp/BBh5HHpei/

Targets

    • Target

      07b7604fcf0c4c8e048338fa4c582908512a4873656e341d115b4a711f865382

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
