General
-
Target
catalog-225145695.zip
-
Size
50KB
-
Sample
210513-224zlytwcx
-
MD5
da956ff8d8548c70e8858af87af4c19b
-
SHA1
d0a8245702ebaf0c7e935fbdf86ab150d357f88c
-
SHA256
dbad9e585e2fc8879233167325116f93ebcfb7a9dd91e77186f8630608c99edc
-
SHA512
ea267ec8e6b13ef7da6cca088991fce6bfe77b1a23556674c685055a92cba2d4ef32d492dfda05515771507fc06c23a5a4de6b6c56e6aa51c8c99da1fe462cee
Static task
static1
Behavioral task
behavioral1
Sample
catalog-225145695.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-225145695.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
Target
catalog-225145695.xls
-
Size
367KB
-
MD5
405bab43c323b0b782035b1d323e7b80
-
SHA1
80101734e0564859e633bd8669abda8358297d4b
-
SHA256
4d956bbd0c66b921211e71c7e0eb920adcd49c9dc67ba16298b14fb15160a32f
-
SHA512
31abaedeab3d56f8470ea951ca07b5d6d1492eeee4d1708f05243ae6a1ed4816ec82601dec220b3353665ced69ddbc827d9e09c6ba88aad728efe001a3d3d13f
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.