General
Target
catalog-2115670034.zip
Size
50KB
Sample
210513-1tebmwt3t6
MD5
5df4b7a8db430cb07c350a106cdd2ca1
SHA1
d0006f690a02ac83e3740c1e1f3667bc8a3c0c8a
SHA256
2f5ad87ca621ba86da08c970418fa590b0984c7957452a6f7d375428bc78ef39
SHA512
bf99bf9f55865680528329059732f9731fa21aa380e1801cb68007045df9789e3614ac39c7687ce71b641d479517664692d9b72a804157b91fc353c5668128e2
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2115670034.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-2115670034.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-2115670034.xls
Size
367KB
MD5
f0b092131d6b7016efbc32bf84cce367
SHA1
088141d18f2104b32cc47738ce1cbf65f087bd45
SHA256
7c0121adb5e286bca028c60c7b52901ac50bbc47dd8ca3e5a0b7189fbd05eeb3
SHA512
9c323717cd2ae7b90625330b692ee747f37565f0d6dc4bc2cd897ca3b01e1e7094f860ccea2fd80c762390a917371546e61bd59bc245dc0ac8b06ee44a552a32
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.