General
Target: catalog-2028517150.zip
Size: 50KB
Sample: 210513-6zmhwn5kca
MD5: 81766985a3fc3f6160312939195800d3
SHA1: 075c84340e5ce1bae52405cb29509e1afb06ee9a
SHA256: 5465dd08aa0164c653596e47346e54a5261593bf5da3f04ad0b5752962588b2e
SHA512: 2718a82994474f54dd114e9c5232ff24e856fba9321fc02ee8cc77475564ed8a911333400335c85f92ff7922ab291b0949b2aaadae8dad4a7ece1d8238963ac5
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2028517150.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2028517150.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2028517150.xls
Size: 367KB
MD5: 30e19ff32f0a97e0f9d487e3bc525505
SHA1: 30e11c8ffc4facae57e451948504229f755e61d6
SHA256: ca96e0f7b8e3c6e3cfed4aa17d3a2ae40d32c345cdb7f265131bf51c0c4501f6
SHA512: b4167143948b4bc521efd14f43ce1eef7a8c595b74e1d8f10904935944dd4a2cb7668193bd1ff9021757cdaaeaa664a1176875dbe500c9a5774fbccb969cf131
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.