General
-
Target
catalog-1980252445.zip
-
Size
50KB
-
Sample
210513-c5c6d73d2e
-
MD5
fe089b3e12420ae6d1e942eb103dcdcc
-
SHA1
36ce199fd2ef1b1b7b3143e3df9ef82755655663
-
SHA256
a31a9d90292324e0d7f8abc9defcece8598ab54eae8b6462dd7d4fa6c881f13c
-
SHA512
44ff7020f4fb6abaf5d9cc763853f0498d30367a2feb2efcdc0c7511cf6ec8ad9ee79cb3955b7518b1445610718f7a50410b9694d7009a227bedb1d26adc448d
Static task
static1
Behavioral task
behavioral1
Sample
catalog-1980252445.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-1980252445.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-1980252445.xls
-
Size
367KB
-
MD5
837a78a9c6c126b35da1838f4723dcbc
-
SHA1
56503c1420324d7952461680bcfddec4582dd9b0
-
SHA256
35b8fb6028d94bc98e474263f0dd5535b81b81bcdf9d37bfb1e653f57e3830b4
-
SHA512
7f4bd971677852d31f93b8718bb8a2ec0e448a8ee7aadadc300af74896abab5c15d96f979b26e85bd5d66c78cf2d2121de9da25bfb2944f96a977af2671f2b47
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-