General
Target: catalog-2039169496.zip
Size: 50KB
Sample: 210513-2c8dmhkhhs
MD5: 1ca5a7431c839be9c4662d842c3996ea
SHA1: d323e682daebd6b94853598bb9ca0ce266147d82
SHA256: 980643fb9054b3e222928f5a5fcfd53c2b1319ae12499f8ceb01833dc950d402
SHA512: 0af7dc30f4c82138c7a10c2465732f6441751456baf83a58ed2feca94c4e4bf0669e181041c910a7d6ace5ddaf870856b139bb52297f4e40e18e590339b196bc
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2039169496.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2039169496.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2039169496.xls
Size: 367KB
MD5: 2bda1337c502989c23fc8c75ada2c271
SHA1: 0a5930571088ad8f8ab7a51a5c057fc306b3fc53
SHA256: 39199c98bfedb5102657cfc5a6bebc7a82b26f9fd52b4e062e1cbf031bbb6535
SHA512: ef36f008074fa8177e8965d3b660d21945c7970652a91afd81dadf468a4af94ad41d69af597316849b4906eba8e57ccc8ea088790513dba2dfc4655e4d6ac6ae
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.