General
Target: catalog-2002069022.zip
Size: 50KB
Sample: 210513-de4wh4ys4s
MD5: 5ced5a9b1ea1fba8fe620874622af557
SHA1: 14485ee8bf95b91caa6c9082fdd75ebf637a4966
SHA256: 2bea5641e716e91b2d158a476513001851456c57b855204397f7cac85e834251
SHA512: 48ba3ac2d4ad8fb14c7509012e82115dcb2a3b5990e5a07e8601b8f051877bc23dfa7c53bf88cffaf6c9666e7245af5ff12756f477e3a30f3f6e95b4c1516214
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2002069022.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2002069022.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2002069022.xls
Size: 367KB
MD5: 8067b47ed46d73edffb43a227bfe6505
SHA1: 9970f06b1f7a870143260f37f73ba165caa1ee9f
SHA256: 290eb3b5b1c07d56e466212d7078f2e858edfb85bddb72891e841a5e6d8acbb2
SHA512: 7ceb35763cb35fdfed083daceef3a7bb474112b6f2c7e8031f50c50e18e46d6fc472cf288198ef50a5e9610f4e9b4bc8831584129a56cb5e2495b24a496ca2d3
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.