General
-
Target
catalog-2000669852.zip
-
Size
50KB
-
Sample
210513-7bkj2nhr5x
-
MD5
8eac2db1c824b5f3d2f9d9120722fdaa
-
SHA1
bf5236bdbb7b12b30a25de7bb3149eb5798b4e3a
-
SHA256
087e38ca1205d98291f529bea097466be1290b11e10d83a427268e7d14814a00
-
SHA512
1678f7275dd99b60229d2387e80b5de5855360292bc246fee7e7da6d701c9333bab5954607d92b6f609a223694781c7531ed510b354c03f451c23a0957ec237b
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2000669852.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-2000669852.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-2000669852.xls
-
Size
367KB
-
MD5
6ab06abe69c7f2a6e6265d914c1cb117
-
SHA1
3cb89cc4786f91518abcaa1365ee89e42a024467
-
SHA256
faced1e805ed68a5a43c230314111b5bb1eef77588672f9c8e4a58676a346fe2
-
SHA512
d15c41e6e82e2daa846ede1d8cbed0e505edf7a5d447442e848bbbb9d488033092620662af73500d27bb18a6719b857bcce1d8ceda4f2a893ab804eac345b824
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-