General
-
Target
catalog-2040322549.zip
-
Size
50KB
-
Sample
210513-5b3v9zzjce
-
MD5
368607b1f5cab02d703d7f4674f39f08
-
SHA1
1b662c855f140f3539226af83d9756267e5bb238
-
SHA256
dc5d90d4837641adf14d2aee911bd737fe1bff393bc30fab547a64ce4fb39390
-
SHA512
5127399976cdd476023d1271c5e464fc84357a5a2070bae394ad0ba77c1ccc2964596752d58725a29027e50a14e969e61d05a74e9ac8dd8a64e16dbcc672dd59
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2040322549.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-2040322549.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
Target
catalog-2040322549.xls
-
Size
367KB
-
MD5
50c1580a306c07dac9cadce84c10ba18
-
SHA1
4b856d6fd47f4ccca6832707bbbbc8a8488b2cbe
-
SHA256
0a1be708d3d3a6695b965eaa0607e2fbe168c79ad75ab5c7513dab5de1a10802
-
SHA512
eb76d33cc3f2222c1441a9be09b635fc2277e20d5a36e68dca4285504aa6aae2f47a2a9a9964a57d73d5df46853ca38b6074b43f071aed933ed8ee54217e2720
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.