General
Target: catalog-1957695393.zip
Size: 50KB
Sample: 210513-dme6kjsq2n
MD5: 3483be23c1df89d8cce021d35c4e195f
SHA1: 790edad2f77daba0345fc02b037d5a93712bcff6
SHA256: ce4542d7e0a84fa4a3c61a4cc50958b16cad995378bd9590b4959fcf66c12071
SHA512: fcae62165f52c7f6e758603813a6ede1cf9a2caadebfec6456da744f492931c094f9968dade103d28890d2c8ee1f131ddedb3083b211a8ff6291dbb346c47d71
Static task: static1
Behavioral task: behavioral1
Sample: catalog-1957695393.xls
Resource: win7v20210408
Behavioral task: behavioral2
Sample: catalog-1957695393.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-1957695393.xls
Size: 367KB
MD5: e9f642fcb45f5dc739ede683b7eec9b4
SHA1: aa66169be6707608086937a96d383b135354d433
SHA256: 36f6b05daf1586a33ebea9ef3774e10b6cf7e6e9233d56ba176f72fa22104a81
SHA512: 49e55a5e675057cd38499f84fc87d62cf56f3c481181b03fc8b6f95110a6cc9ea3a38e6f6fd693427b7487ec723b029dda714f9ea6d10ab6166ace4fa271d134
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.