General
-
Target
catalog-2130173166.zip
-
Size
50KB
-
Sample
210513-5vdfwljmgs
-
MD5
baec8060801b3715aa98655b9cfb4125
-
SHA1
af14e33e4bfc60bc3242d7d43c3c9c3f6738f1d7
-
SHA256
802bf6f32b0cb1a3fa205a2d41e40302074c18b029b5e86337bf8a8282ba2d83
-
SHA512
80abfe153d4addc1ee934e467fc5a6d63503db53a26b3796527248b14bcd08008b7fc0d319b4aa166e6a4f6f4edfa01cb68e7a41ab3d17079dd590d6d7ce0cb7
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2130173166.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-2130173166.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
Target
catalog-2130173166.xls
-
Size
367KB
-
MD5
53d62280b4357ddc1fd58b0f66201b47
-
SHA1
c77b029d908a68b23598633f1fe873e28facadab
-
SHA256
14eb4a357260e2433942963faaccb8fac37ca7bf2c215ffb1b77774da51ce592
-
SHA512
3f29a42ec44598b0bab7cf7b00c0d71600cedfca6e2ff223ea79bfc066051e46d5ddabb9583d06191a43adb2137072ba576481d2335eaa1448c65092af7758ad
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-