General
Target: catalog-1883594067.zip
Size: 50KB
Sample: 210513-3lzzcall6n
MD5: 20a0557c8b7d92a583a0d259a30af047
SHA1: d452a30fb56f270f38f983ab9745751f36754943
SHA256: a1e627b81d0b30ecae930c65bd379c718115078df42865e1857abba9d072f18b
SHA512: 3f9c20eeceef15dceb843459689bae1e6b9441418fab95089ab1b0a18118f7bb5aecf03f0b877fff3d0003174c95e1bf038625bd503362a90b3a2d4acf149569
Static task: static1
Behavioral task: behavioral1
Sample: catalog-1883594067.xls
Resource: win7v20210408
Behavioral task: behavioral2
Sample: catalog-1883594067.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-1883594067.xls
Size: 367KB
MD5: bafbbca2c0f5a2561c5352ece5aa3d06
SHA1: b9002c5a23d1b0b9411b0364fd852943c05a8b7c
SHA256: 8ff651a0e58083eda5a8a8725c5ec9be19f30dd261d6aa028fd32c51b44a54c5
SHA512: e04be0978e3176e13f80ab49fe2f2b0cca08c0e7b0af3a7570a5e90b1cb23b9ae3f0439410fb6f75dcc22f49ad80bb236f03afa4fd86d1830c8edf80044db77e
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.