General
Target: catalog-212086834.zip
Size: 50KB
Sample: 210513-e38q7sy216
MD5: f2d8448eceb5761d8274daef7070dbd9
SHA1: 0c4265f763cad11af02cf1a0d379265a8c25fb26
SHA256: fd2f66afc85a67c93ff9ac8f49f60f76777c80e70a8c1eb1f083db697e449d7e
SHA512: d7649d0e6a37556ea713db3e44f69ee572b1757ef3737d2524e035a8ad48f8408eb280b1e74c3b879964beb1632b0f0b5f533ceea0459b1aa17eb62665b40163
Static task: static1
Behavioral task: behavioral1
Sample: catalog-212086834.xls
Resource: win7v20210408
Behavioral task: behavioral2
Sample: catalog-212086834.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-212086834.xls
Size: 367KB
MD5: 5929e6220f23cff3f30223cc9812edaf
SHA1: 4887ebc394b995311d030dbce531330b84a483e1
SHA256: 327e9ea34d01e3c7160aa1a4cc90db40e8759c9b5d8c7a106e34324c587f03fe
SHA512: e8dfd68f6b21dd540be3fd477c53b90bfae037f7d1cc2cf6458ac5ad495fb7bd2e670d67f3049c661f286fcb082e66754fd37eea20550c5ebca37c8f82d133ab
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.