General
Target: catalog-2015381752.zip
Size: 50KB
Sample: 210513-c25z8sspyn
MD5: 7eb673a887d1b36257901bd779df6f62
SHA1: 509d24ef5d66abe99125c7fcd23364295111cd74
SHA256: 8461a810d08fc9918a79ea4e5d510eca3dde43f7076e95ecf6cb3964441661ed
SHA512: e2f42f5ba13add347acbc0e31a0c63527d72b299b4c5858a5531b998ac22ffef3b388ef3d70ec3cc1ad8f0bf2101b7a5d2adcb70abc706ee1d2119ce5b0c1f43
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2015381752.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2015381752.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2015381752.xls
Size: 367KB
MD5: 2b0059a2d746cbb36071a3549d1b0aee
SHA1: 0d35e67aee4c2a9b8961989f2a5d7db96d34667d
SHA256: f26af7447fceee713d76b44cd568935348d56e564e9088c175c14a85414bbe9e
SHA512: e3bcea63b7b87369d925e8fe7f323564ae11db6a32b28275d8448aa49a8ed93c1e2b081c8b6e08b4a8f17175fd0698f73aec748110e5cf0d58e8dab258312d4d
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.