General
Target: SecuriteInfo.com.Exploit.Siggen3.15300.7304.24796
Size: 233KB
Sample: 210315-2nmrkgl9hn
MD5: 6f2293f8412b0321860df515c79ae447
SHA1: f46a8288e20702e749578fe6f6b4d935a15872df
SHA256: 196e1cd140808b282f46375d3cb6e037dc747d28c7e7f3329dffe2a935e545ed
SHA512: 58a3c66e790c6461c1ff9661b8baad47cd8f9a4d40f7abe2afdc516fbc46a38dcc1e7d5bb7666c035a5433141182950ebb480108dbc78442e543b3b6f5889695
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Exploit.Siggen3.15300.7304.24796.xls
Resource: win7v20201028
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Exploit.Siggen3.15300.7304.24796.xls
Resource: win10v20201028
Malware Config
Extracted
http://188.127.235.70/44270.8254283565.dat
http://185.82.217.185/44270.8254283565.dat
http://188.127.235.71/44270.8254283565.dat
Targets
Target: SecuriteInfo.com.Exploit.Siggen3.15300.7304.24796
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.