General
Target: catalog-2039293384.zip
Size: 50KB
Sample: 210513-2jmallylye
MD5: fa34f0ac084493dfd7279070393a668a
SHA1: e10423c680d4e055f79501ae7a5f8523889bcf03
SHA256: f953938db5aa763b3039c92c585da82c298de5e48d4c552d7466b7ccaa04e5bc
SHA512: 9453b9365fcac6191799b58a7a7358d242986105f8c44ca8770bce27155484c30e71cb4a0f18d34e5ea4dce451ead1d84a04414533fc10e8f3cae8f91bbccd5f
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2039293384.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2039293384.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2039293384.xls
Size: 367KB
MD5: 450343e702838aae649c1392992c689a
SHA1: 0c41c17bde6add3c840f55ed92550cc45835f2fc
SHA256: ff9e6980cc78f1d3b9518a0f9814962bcd7b1edd36fdbd567806a51a9f411b78
SHA512: 873a81aa933c2e7d9b7d37ea09740b614a88e4535d44378fbfa3c554b7b853298a242a9ff0168c23103f7c1bb1f8468c0801ec2be32f5b03f4af8341748448d3
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.