General
Target: catalog-2142417111.zip
Size: 50KB
Sample: 210513-492757ft8a
MD5: 886a23f113eb4100649680cd014734fe
SHA1: dc55006ffa68cdec52741a2b40f2aa011bb59323
SHA256: 65729efe38fc2e9d5a8cecd683354dc7beedc24ffbda970f0a179949c4d0ff71
SHA512: ca6f9c2762ca87d1009aef92b1c8a0f0edac12f68c15d203c8253e8e2123c6a6a5e60bddff8ece28b8b6ff27b3ceea065840de8cdc44b7617c2fac3cb4d36938
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2142417111.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2142417111.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2142417111.xls
Size: 367KB
MD5: 2f69b6df92e4ab2b7ae631fe788bebd3
SHA1: f730090181af24ffd298abfbdf5f8c462daa6c28
SHA256: ce6bec2a8ad06b5152f727111993341f7b408747013d9050e1352c8e3ec68119
SHA512: 74124fd2c29799bacbe9bdde78f7fcdd412a7807a6ea6964b539778d8d135e9143598950338f5a9007d4eb98e5e5f4e9edd99e9ef2a3315a62a5d6929126ee80
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.