General
-
Target
catalog-1984022420.zip
-
Size
50KB
-
Sample
210513-34rdhtn5qs
-
MD5
d4384da84498f29315edd7a6524c15cf
-
SHA1
ae8644e82165c4b7cf21e9777a4ef901e47320c4
-
SHA256
3a8d3c58902597ef07df41c9ff771848f1cc7a49c51ca6f2228d940f0b9ff14d
-
SHA512
8c9d337a786661252173035d5873ef9c3ace2b2038184d34ec45c801373778fc2eaba232ff1d694eaa461663250d5b5dff8e1f8ce9015a4f6b7d5f969966fcbd
Static task
static1
Behavioral task
behavioral1
Sample
catalog-1984022420.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-1984022420.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-1984022420.xls
-
Size
367KB
-
MD5
06850414efb83142e35b86c940dae78b
-
SHA1
6a9ab6fe061cb0e355aba24221bd8c9ac2653130
-
SHA256
5be9e33e7fe2676079254458bfcf2f29c3f386417730bda392ce69d808b29eb2
-
SHA512
24a04b375fb17b008867863cf15dc3d88e7d1b435251e3273a944b18eb93e8424439e8ad59b4722021ed8d18229115d942477ace11f610c85b0345157a09fd9a
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.