General
Target
catalog-2098311886.zip
Size
50KB
Sample
210513-6tl5s1dxx2
MD5
28fe7c08c54da21db4a85a0ceea3ef9f
SHA1
0f3973e4dda9ee5a691d22a2b34cade78aedcf47
SHA256
ad00032538575c81384e45d1db94a63c3bf665966e9200025d5a046fa0b7c170
SHA512
9525ad40dff7c81ef9bdc3d5cec4d755553383703bbdc7ad9346d1d7f36d1ecf4a2ade6a2a5a40e7c02ec99141289e5ffd69dd03cf5ca95135791eb0ba93d378
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2098311886.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-2098311886.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-2098311886.xls
Size
367KB
MD5
39c5464d3ec35720cfd9ce17ffb21009
SHA1
2e72fe2285328d15f7eebb633f3dc932791f66cc
SHA256
59df78797744356567767df8ea3683dd1ff897dc15a90d35fb94fbf1f6f64a8d
SHA512
44aabd54a04a2864c3a9c9e81c60957ad4ced61a2e5d13b07b72fbbac786c5666ce1f83137c6ef9065c491b205982ac46e2cd678aa11aff7085f6dc077464916
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.