General
-
Target
found (60).zip
-
Size
15KB
-
Sample
210222-ted975q256
-
MD5
946b606597a000f7ca3d08ca7ab9f9d8
-
SHA1
491ff671c71d3ad85f495f808cb82968aa03c513
-
SHA256
cb16e8bbaafeca728ff22b743c3512e814a943ff080c80610efd51d8c296fad7
-
SHA512
b6f5cb8a7138d35b72d7f45004af60585774fe201a29848a3f388bc34254683a4349bafbb1061639212f0dba665f07dea661d629529df53690611108eb1d52c4
Behavioral task
behavioral1
Sample
document-2059398424.xls
Resource
win7v20201028
Behavioral task
behavioral2
Sample
document-2059398424.xls
Resource
win10v20201028
Malware Config
Extracted
https://mavenconsulting.com.pk/ds/2202.gif
Targets
-
-
Target
document-2059398424.xls
-
Size
91KB
-
MD5
2d092de84c63e64fc77da5cf97777bef
-
SHA1
fe9c05e4da68a5a174bde0e7e52855297fffd135
-
SHA256
f8735d5dad4c1b40b8b27f1b206c3ee3345daf03c80d911015495e528040cb73
-
SHA512
83353edfb2aa7409c7cedc7461df296968c0ce38d4d54953e320cd9d5b84337071a1e677bad28eefdc53908a61d55383e6b172a9eaa7164bfc6dc5e39afd057f
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-