General
-
Target
catalog-239708874.zip
-
Size
50KB
-
Sample
210513-42rqa3vdkn
-
MD5
504a2ee8ff1ad1ffe170b01ced12bc1e
-
SHA1
0544fe35e42e981da08e40d79b9730f68140f58f
-
SHA256
02f1bb09eff0e5fce078db68f72a22a17f7f8941b25f7c940ab06ee69db67bb9
-
SHA512
06c864d2d16a1927c254e08ba4c0bd6dd5b01c93832e6472e53a1279374d7ca027e04cc4d03b9a321d6b10beca9e0fd14e8f0f8c93964573b2ab1dfd8a490aae
Static task
static1
Behavioral task
behavioral1
Sample
catalog-239708874.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-239708874.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-239708874.xls
-
Size
367KB
-
MD5
13875f29b7ba280e14e6610b11fdcddf
-
SHA1
48eeb3ed3fb29c9aaf4298c8f3eff4ebda75acd3
-
SHA256
a01617633840effc51c537ad85e4d98a3e436a93048d8b65d6847dac5db3f669
-
SHA512
8caecae1bb82dff9e7d106130881ddf5506dc778903def5fc2bcb696d830350413365410afb4895c1d45e16a88adce6582da51b375275c97ca65e97bd535c576
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-