General
-
Target
7b2217eabe518a8d069b89bc057a59124420e7895ca2b20cfc342f227c6005f4
-
Size
157KB
-
Sample
201020-ktlbpk2npn
-
MD5
ef034fe6bd02a5337415718d6e2ed3bb
-
SHA1
dd2af3992733ddc32943cbe2191651f98166cdb9
-
SHA256
7b2217eabe518a8d069b89bc057a59124420e7895ca2b20cfc342f227c6005f4
-
SHA512
ec59dd867b5f862ee7b56937334390b8fee9fe1a9fdbc65f2a632b7d862fe9c082c774a3c09c0590f7772754eddea781e8adc2ca9b520bc1b65cbe5a43402246
Static task
static1
Behavioral task
behavioral1
Sample
7b2217eabe518a8d069b89bc057a59124420e7895ca2b20cfc342f227c6005f4.doc
Resource
win7v200722
Malware Config
Extracted
Targets
-
-
Target
7b2217eabe518a8d069b89bc057a59124420e7895ca2b20cfc342f227c6005f4
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blacklisted process makes network request
-
Executes dropped EXE
-
Drops file in System32 directory
-