General
Target: catalog-296152941.zip
Size: 50KB
Sample: 210513-7x2gmscmjn
MD5: 8015220371b8566e7cfb5799f8bc6423
SHA1: 957ec1977680e6d33e197b34cff842b184f6b7d0
SHA256: 18e282a237c2dc56bd1a0235f8c0d91d8d6e0983b02dfe8511e6a0a685cf6b15
SHA512: 981da5d3211f64ed625b24107660585653ff7c1275cbb75a393cc8a78abd95c5e58fe451d53f016989671db0a8be28ba840f90107c21c06eacfb58e277ed706f
Static task: static1
Behavioral task: behavioral1
Sample: catalog-296152941.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-296152941.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-296152941.xls
Size: 367KB
MD5: 96caaf2b50d605d6a92c66bde1b79272
SHA1: 9e5fc10defb95343518a61bd345968cc4a2592b1
SHA256: 4a74f2d4eebf9fa47569ca731eb3aec4996628e3d3e0e3de05857dd742e7da77
SHA512: de85398331998a1c32a45ec66683b3e16cda8e555567906022643e74dbb5419e895c4f3798f38cdeb1549fd1fd87c63e437c07166d10460135bade158388f82c
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.