General
-
Target
catalog-2035363419.zip
-
Size
50KB
-
Sample
210513-37lf4ng9aj
-
MD5
f45eccb98135db06c2b93a8c5cddb559
-
SHA1
cd0183fdc9ef1b310c8992b9f9e108d8e24df51a
-
SHA256
8daec55333b8697879b04188bd206839a7302969e245bec9ddca6860e4f9f51f
-
SHA512
43dac1ef4acd8026f914f0c77359a0ba03ccf21ec7d7fdd2d55f94abd380ff9d2a65c281bb6b09b7796a4286de1426704a38851f952986904330e522130b01d0
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2035363419.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-2035363419.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-2035363419.xls
-
Size
367KB
-
MD5
b1d4572d1d6bd8e548d6a4115d960021
-
SHA1
692f007e17f7a8c2270be4df514fee96341e77f4
-
SHA256
0efa51ef8288e94835b5d2bc3b89663aa913a07c565db2a3c51b80adbdadfb40
-
SHA512
8c68fe9065bb4149000f3b2354257ff6993b7d417960d366805b72a17fe36e4bb8262b51ccebea20656a3ef9b4206f98eef79408a21b7522071ed373eaee566d
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-