General
Target: catalog-1958608881.zip
Size: 50KB
Sample: 210513-emkbz2p726
MD5: d2c1d9b087ff25413f42d871228549ba
SHA1: c326676a7bd269bd4fe39150a089d160cd8fd6cb
SHA256: 7fad526a8864c326085805f6293913bc8691c1b003bd8268efcbd14d33b82dac
SHA512: a3a336723bd4eef00371cf129b3723b6a3a279d7211f870223b1e21de976eee470666c00de4994b2a587bf444fb583c686b9deaa16b04866da7250de58a2a29c
Static task: static1
Behavioral task: behavioral1
Sample: catalog-1958608881.xls
Resource: win7v20210408
Behavioral task: behavioral2
Sample: catalog-1958608881.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-1958608881.xls
Size: 367KB
MD5: 03d37ebbca2a3a54cb9090ec589f219c
SHA1: c56c1a308ed169dbb59843476c41ee225e4d777d
SHA256: e4abb30a2e9d2ac2556650ff6f56198fbe1eabb02c65f80b2e6679fe342772f9
SHA512: 07fef9421d2c5d0991e520b2e1c67045bd55612e8a29149fcc5c3bf7093413fab24138eb390908592d1cf41483c9d0dc030037363b3ad394567d9eeaee5a5823
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.