General
Target: catalog-1955748425.zip
Size: 50KB
Sample: 210513-6nacmvjzfa
MD5: 05c2416c6ae9da276fa3c8d92d6abbeb
SHA1: 248ef439bd2fab95c89c813cd8d183d7338b977f
SHA256: 3be050cc450cd5b5d94c1e34828c18960bce8cb36c1526da340b722c7f98eaca
SHA512: 447f0785addf9c2b8b83208f2a2ca950542bec290b017b575d689aa875feb082e08716697efb3b6df0d78a8c7a154faebcd8ec22f431acaae22c8b22785937b3
Static task: static1
Behavioral task: behavioral1
Sample: catalog-1955748425.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-1955748425.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-1955748425.xls
Size: 367KB
MD5: 29c7134c1941f7e62cb9b00c697519c8
SHA1: 0f8d9a2cca75ec8e32c8d67a92ab70b97f486752
SHA256: 63a129a529986bd0d5bfae4ba311458cbbf0d56e1e06b73783dea854d6965ec4
SHA512: fc5efdb0dabe6f993aa86fd80cf1197e6bf129927b2df3e6e11699bacdd04981e684d23e135cc391c6dbd082113ec3f444ad03c82fe891924c3773a2d598011d
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.