Resubmissions
06-05-2021 11:48
210506-t228k9s662 10General
-
Target
40fffcb2-bbca-4c3c-8a47-c8a46d08b67b.zip
-
Size
62KB
-
Sample
210506-t228k9s662
-
MD5
54e50aee6df5255cce56434f3df1fd3f
-
SHA1
fbae62455abd1f5290c16e0c084f5f9080a3dc73
-
SHA256
a8fa2bc68cf2b47965315c68bcde06cd09c139e4c8bd61efec7c0a533202308e
-
SHA512
33e7a4afe57f4585465ae3d489677f6db73494b72924de7ca3929e0a4395a5f9c2b8cae7258845491a5a331df70fba8da228b602b6bbbfe506aa69866dee80af
Static task
static1
Behavioral task
behavioral1
Sample
Users/valdershof/AppData/Local/Temp/1/Temp1_request (2).zip/statistics.05.05.21.doc
Resource
win7v20210410
Behavioral task
behavioral2
Sample
Users/valdershof/AppData/Local/Temp/1/Temp1_request (2).zip/statistics.05.05.21.doc
Resource
win10v20210410
Malware Config
Targets
-
-
Target
Users/valdershof/AppData/Local/Temp/1/Temp1_request (2).zip/statistics.05.05.21.doc
-
Size
79KB
-
MD5
5b1f0547ccf84dcbff593f7c8f5942d8
-
SHA1
3e5a4257f797363211724a83b40b42c84396bf47
-
SHA256
643ead4ad454664576dd55236b4d924a91294d155315ec8860af96a6157263d4
-
SHA512
a149e6d4bf6093b3af4fffc14824335a72cff53cea28d27a103f98a450439768ab29f0a532a512364e5b5b726fccb2bc051aaebb145b5ca05680c01c088c7ab6
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Suspicious use of NtCreateProcessExOtherParentProcess
-