General
Target: catalog-2084872052.zip
Size: 50KB
Sample: 210513-64tjarqjte
MD5: 32717cb8c39ad37ea9c052205f50ebaa
SHA1: cc03e7107c5d86ebf1bc7dbb1ce46f7d6217f154
SHA256: 8288235075d2f70e4d7a9e2ed121214ec32674ba8dd15c9f6e25ba9396af0cc9
SHA512: 9a28ea75a423c221741cf4fdc21a7c04260f02e5ab34b44f006bc6b97bb4ca457e6877a31b43253dc857ad5d4ebf4306e61f83d32661a33f1c5d7b9f4f39def0
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2084872052.xls
Resource: win7v20210408
Behavioral task: behavioral2
Sample: catalog-2084872052.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2084872052.xls
Size: 367KB
MD5: 462b8e4aef06cfea1f858e9d44f111df
SHA1: c963d7d8a19de64cfde44f6dc496e799d1d8e39f
SHA256: a45bc9e83209a1bbd5ff5b69ba1671a537183db2ccdb12572ee711d32404c5a9
SHA512: 9dafd489baf4d82e037efde398cb5ed3916e3f6211248b2ade62cb712f4cb631f3c83e74ff7ea3fc0ebb522a98cfc6077bfd4d79d2d724fe44a27c7bed234f59
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.