General
Target: catalog-1938001011.zip
Size: 50KB
Sample: 210513-ez6xa28t7n
MD5: dc43ea411e93cf205c7cb47d338781f3
SHA1: c32219cdf36b6a7290d976fc8710e754d6d9bb24
SHA256: 8a6b9ee6b5d22414561c7ab7b0bac1eba87ba0fa5db20e1307745b7eda108496
SHA512: bc022e9088e6bc4fed758b7e46988b9832fd91f6ceb2c7eddc3d081991cd149585e1aa84a868e829ff3875c982d691f9b8d80e22eb62f71b883f25e0c6d3d771
Static task: static1
Behavioral task: behavioral1
Sample: catalog-1938001011.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-1938001011.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-1938001011.xls
Size: 367KB
MD5: e893aabac2d600115e61ed4ea7e2c430
SHA1: 24b9c81384817edef89b0573748da16328f48485
SHA256: 94896e0016e807acd5169900de96eba870a69e15d4134bf91bae592e31b262ea
SHA512: 29f900e09b811e31e765b4c7a1daff21d10e87d18cfe756be77f2e1664615a60e10012ce66f84ca2541a3b4d7cdb5621cd931247ca864331320a9adcffd88ae4
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.