General
Target: catalog-2079036411.zip
Size: 50KB
Sample: 210513-b56ta1ddf6
MD5: 9e569ec35fb39f50dc77d2b5ceafde52
SHA1: 6d7e46b18cda525a68b2183a45dc6f59799fafdc
SHA256: 6f0b821c187d2613139f9b7b96828e436fd2278091dc1e7173f0c5a955b06110
SHA512: e575efd1b995bee178457c1e45c176c09c277d07911c612deb1df0bed75b44c5ccfce58ed8bb395b8c7a1cc23da43ec3c9042d786ff43a4428fc6af3e7ed0702
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2079036411.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2079036411.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2079036411.xls
Size: 367KB
MD5: 2e20f15233d0243d2c9f6aab8cc1eefa
SHA1: 2105414687e81930b9c6cc76cdb471ac50c6053e
SHA256: 59f5b98be9bc536ddcd9823de632f479f2007867794bc6b9b8b88dec74a43e86
SHA512: e1e10d5c244b517b393fb5397a1b4f255a3bed6a9368eab798e2f0358e8b6e1b29fada43b4e7076c01d8462dadaee4988d16efcacf295bfb73624dc37c4a1eea
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.