General
Target: catalog-1974012548.zip
Size: 50KB
Sample: 210513-ca1ez5868a
MD5: ad9574c52fb6ff021b1f11c7305a659b
SHA1: 409364edfce309a2fe920edb4255d0d138017b6d
SHA256: a4cf3f99be53cba41321f9f51169f48f43ada0a2cc08c89f6f92b5b07218c5e2
SHA512: 1c2133a2c69f4debe7922944e43e0247afb893d855d50c9bf3540aae3f0bcfbfbc66603331e8b973d18f67b8142e2eeba165730f62ae3f494a125d5d0eda8272
Static task: static1
Behavioral task: behavioral1
Sample: catalog-1974012548.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-1974012548.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-1974012548.xls
Size: 367KB
MD5: f4cfdf8031d98897354017d762c35f02
SHA1: 8abc3b0303fdd554b1e7b8c8a07308f15bc548fe
SHA256: fabc1bb20bfac0798fe7895bf6b2da5998501eacce303bc1c6ec82bf9d1b56f6
SHA512: aa573abe426225dc2cc88e5ebf9a2b2f48c937f283874dada0360813def162846870dda65337c417ee1c82e3adb368709bb5c140fbe5fca8e2ce43f024bf65bf
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.