General
Target: catalog-1970196328.zip
Size: 50KB
Sample: 210513-42m5xwrrr6
MD5: 402c0901ed089ba88d5467ed3d0091db
SHA1: 03186978549c1f1e1209f1d2a31706c25b105a48
SHA256: 14fbd0ed3338c4f886f2704b1f4e2865acb6aa52421341741d458e498be1f3a7
SHA512: fb1f7d54e475f62271dbbea6d66f4b583b32237743e735393549c5f3a7ab21d755e10d638138993abe9c01336cdc6b8d2b48817615b08947fdfedfbe63afb70b
Static task: static1
Behavioral task: behavioral1
Sample: catalog-1970196328.xls
Resource: win7v20210408
Behavioral task: behavioral2
Sample: catalog-1970196328.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-1970196328.xls
Size: 367KB
MD5: 2d9143cb87e41f473e04d60c6e07a20b
SHA1: 68d24174ceca06ee8617961f75d8c90283536c87
SHA256: f47bd7b569e7c560f3020da4174f039d122c724c2cec147fb7c040c9b53a8254
SHA512: 4a8ad747632cc40beefe51de2af144c8323646c38eb75cafa63439520b81bb5f70f1ceb5adfbd282af8404630b8fc4d6630c4b54da57ccfac5893ebd49b66c1e
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.