General
Target: catalog-2080064519.zip
Size: 50KB
Sample: 210513-acqzglwqhn
MD5: 4b3f840443f10b316797390ac7fb6dd4
SHA1: fbf765cf5476f45ae55e532dbb4d33b5008c51ea
SHA256: 1250c05520d45f775c7ca6301db3181c40db77a800ba82c6bac659740ee6122b
SHA512: 1b4175b1cc1fbb3c2378fac33ffd127d288b6849bb8bcd850f3cdf753242b654889e2734de87d83a12bdebd35d9f66859205e56e4dcad54f28738a5cbf6b9ee4
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2080064519.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2080064519.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2080064519.xls
Size: 367KB
MD5: 9dfabbf6638dd1532e5041e6e37bc900
SHA1: b959cc30028b9a0c4a1b5d60b865ed0801bd6c80
SHA256: 778d9e7a4e6dbe6a82fe73e02ea0d5c54ddb5881929f19a2e832b57b4c6634eb
SHA512: ce7f420b7c930b467f20940e96cdcae590e62db84d8b1948cd29589f4667780ae6d543f40ba0f1b33dc40f31c36f9e59d6e8e8447ab2ec04033d82076356667a
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.