General
-
Target
catalog-249327946.zip
-
Size
50KB
-
Sample
210513-9svwq5hazj
-
MD5
9fb95771c9a373a4afc46892b4d649c3
-
SHA1
5be4ae213466a82c9039a2d8ee9186f1fd37f3e5
-
SHA256
b2299ee96c552620067aa225f0016f141630f61eeb1aca990600f24516ae6fd7
-
SHA512
a30d327d939de3e1e68599b4c6de084b236c8b585b19cc8b9586757eb61d7c88be19641cba02db9f35a6b8f84b8036335c90529016b0b9b1fc8c4a05ddf468ca
Static task
static1
Behavioral task
behavioral1
Sample
catalog-249327946.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-249327946.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-249327946.xls
-
Size
367KB
-
MD5
cf13acea71d8bd3d9472b0b975b56e4c
-
SHA1
7e9c1effb17015005dd53085fada6a98ae816da6
-
SHA256
fba379ecde6d8d1df67a752b8a8cd2ee9dce53ef5857bfa6a87282fb9d1bf864
-
SHA512
04e3d95342a7540f75fb019e5eb016a258a4b05210196781e5d7ab7f6ba52ceb416f0b9ac0352477f79ee59284ce06da2d0d2f16e73b35a0129e0a68fc425955
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-