General
Target: catalog-1892192358.zip
Size: 50KB
Sample: 210513-5c2msce1dj
MD5: 51583c0b978bae4d09e2798d98c02a0d
SHA1: b268917878ed3fedb52b46e5f9fa5f719f7692ef
SHA256: 3f05c94522a4532273c042ba5e2339b1024413223657299e0fbb426cc8f11eb7
SHA512: d2acc5ae78391eecdfa9177f3fc3f78b4f2ea3e4123e8c17a6909979d344887496fd50663683204751b7414eb2844c5903f77ff45070c02e1e43d7738af59a5c
Static task: static1
Behavioral task: behavioral1
Sample: catalog-1892192358.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-1892192358.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-1892192358.xls
Size: 367KB
MD5: 84dd120e9e82abb3970a1c49077afaa1
SHA1: 9f7c3a1b1131e667f86f73a7c76e48f93a80fdd1
SHA256: 06b365abe6392e6ae9654dc03186b70c42da190fcb48ef5530e68f4491f9c028
SHA512: e0e6c91adbcbdb1497b53bfeaa321fe27849bebaa034eda15da7c46ee32cea10809845d7a93c91ff6c042ddd9e991d279f2fd18492131bc127ed283ce3defa9c
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.