General
Target: catalog-2106987967.zip
Size: 50KB
Sample: 210513-8waywb8e8s
MD5: 0e79c8e04fddcae5765ae77081b37248
SHA1: a3290abc1dae817a9852a1332615e64e93d40ac5
SHA256: 91e83311bfbc9bf1d667087a2773f80c46e5fd5c36b83315f7401f90e82d6d4a
SHA512: 7c8acf80ed23009b6714cc7cd4127ce318c39f237a9c2f9eaaf7f8e70ebdaa1ba43e886d87ed1dc31bb2a5f1522b630ec7fd4821dbd6a38b6392994f9452e0a3
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2106987967.xls
Resource: win7v20210408
Behavioral task: behavioral2
Sample: catalog-2106987967.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2106987967.xls
Size: 367KB
MD5: da6fcc74b5353a2e865b1effbfe2ff6d
SHA1: 166c15b9f39c99aaa1203440e6e3beccd86cf2d8
SHA256: 50191bc455248553b3122cc7d3fbae170be31628d466786b60839a674e3c2e3d
SHA512: 3827d5db48f0ad6c96b27108c118fb29cd0b5b4ab2abc5ed896f90aa83326c0b8f95e40e6eeb3e6e0a505d3b7b8efbd09f06bdc611dfa72c37e803a679af3c81
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.