General
Target: catalog-2000871263.zip
Size: 50KB
Sample: 210513-c9xpake6ax
MD5: 911ed1429531834a0c4592293c952beb
SHA1: 7819f1d5d615d0ca27b9cc868bd03085f5315c4f
SHA256: 54b074a6de3405d1cebf4b2b2f566c50ecb5f2858b4ddbdf0ef7658239b157c9
SHA512: 9297a334cbd4288c7c9bf61cdec849ca11c181a50db26597b8cdc97f86ac0e241ff6ca53970817da9d6f3e24d67e600e946aaf53ab955fbe193d42514b08bb2a
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2000871263.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2000871263.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2000871263.xls
Size: 367KB
MD5: 24fc3c880d10eb1df2b31a5e312a56ca
SHA1: a000cd120bc081c5241ff1ae6a60e64bbc8c2bb1
SHA256: 5db1edf69cb4b784f2f817d2acb77289415ee36bd03334507d10fe5145496673
SHA512: 575a140e85cad11d0a606ebc69111ce3d22af505afe5d8d86793eda012856658d443e0ec3f7baf692fd1cd5e2c2bc3abc987aec7ba29df36b76e69c715e41eaa
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.