General
Target: catalog-240736446.zip
Size: 50KB
Sample: 210513-chnwfdnfrs
MD5: 3b30f5aeb0235061b061f442b1104d54
SHA1: 9230bc8b95dc762a7db4b339c383a76b7f32f0fd
SHA256: e8fb165a38ff14baef711d1a6c7b32760657e5d63180912819de125a1db909fa
SHA512: fc71285f33b0f00bd65954bc8436490ee9a488198f788cb57caf3a2ed5c1dbc699e6531a98a04e0c9d07a2e0ee426daa72cc878463c4c9cb1fb9ee11ffde07c7
Static task: static1
Behavioral task: behavioral1
Sample: catalog-240736446.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-240736446.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-240736446.xls
Size: 367KB
MD5: 268a42021d538ca7841b16a223bd1085
SHA1: c35468d38c3fff9f929899b861cca27c9e600f38
SHA256: 8606800ed23efe827bb5e2895e47cb815b2c6d0d7e836aad7ca36e2bd839846b
SHA512: 9ad81acdbbe480497cbced8932269c6cc98bd294e954aca9fee70da02ef2f8784cf61361bcc758581f8f08cc9b66fc032a186d097255ed2b49b90912173e2f90
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.