General
-
Target
catalog-1990066679.zip
-
Size
50KB
-
Sample
210513-4a7wlatn52
-
MD5
5ca1f4d002913698aad81e5eacf4ea00
-
SHA1
65c8a7d0d17141fa6af318a52f5891366db0cd57
-
SHA256
3c551081fc66ce8d85cc36f034803fd7ee80b5e760e4f7d4ed003a55a868bc27
-
SHA512
d0f80ba3947aeb1970c55b4b3b994579e87fdb75d0b5c41a8999f7cdf97ab7160c9d909de6111441515516723b661a6f810eb34e70a0db95323ea4f7560eb030
Static task
static1
Behavioral task
behavioral1
Sample
catalog-1990066679.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-1990066679.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-1990066679.xls
-
Size
367KB
-
MD5
85e8725a1421148510d41f6e1a1ef2b4
-
SHA1
7a34ecec8ba31a5c702a1720d1851965ed932209
-
SHA256
9fa200c32c60996bcad7592070483724c329596fbc7c157ee545e06ed2dca1b5
-
SHA512
f951a4fc2133b54d6742b6fb8e4bb59453428dd6876dbb76e7058273159f787111a7157dc9168074334613b92d1429a5977406a153e6fda12440f808829cb4d5
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-