General
Target: catalog-1940891734.zip
Size: 50KB
Sample: 210513-bw8hyshr32
MD5: dd90ea72ce41faa650749323d8b968cd
SHA1: 9a173e061d51bd002d06f90915da0936cbda3359
SHA256: 0e664c5d32244e8d023cd96b33bba38fbadc379cdff4fefe3b9a354c32ebb0e2
SHA512: 897be0698de7590f232858be7fa85724fbbf47e6e8fc5a9440c76aaf70b0a0a8375fef7ffc4d7dd6a075a7189ac7d4afd81af9af5d9df96667d7248e39c6283c
Static task: static1
Behavioral task: behavioral1
Sample: catalog-1940891734.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-1940891734.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-1940891734.xls
Size: 367KB
MD5: 8ef992ac00c2e9ec59c68d3962f1507d
SHA1: d333340a56f823ce8247fd3d664ffbb72afddc4c
SHA256: be84ff071906f59547d969400a2b1fe78ed87cef8db306e1683fef779ef60cae
SHA512: 4755868b4f32202a9ac9092d4f085f12c44f8b6f396d3f7f2d7e8f35c7688c98d02eaabe7bc36f3393a707159940768d3a48699909635ed79d5945205c9f7cd5
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.