General
Target: catalog-2115956.zip
Size: 50KB
Sample: 210513-f1vscm1w7a
MD5: 4724367e7d543f354551bad91d3ee329
SHA1: 3db13f72ab8d2a6ae02faa696c0c452e4415b336
SHA256: 4009d7853c5f1bd33ba2331ebf959d100d5bf0fe123aeeebef8a161f7dc01f84
SHA512: d5abb3cd119219336d3e7717a03174f65adc95a060bf7845eb33d8526f008121ceecd33e73c55f982c90924332af035e5056df3a0dfd19e1301380c1d42e29a6
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2115956.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2115956.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2115956.xls
Size: 367KB
MD5: a67ef3eb41d7e82f2329bd288d0281b0
SHA1: 1b221c7343e2d1407d2e8d8ca723e47614d8055d
SHA256: c8af2ff1a070715d15cbccc5419f782e0dba914a0b4ec23464885e82a0f71461
SHA512: 5f150cafe235a356b3f8be78da7b9ad615c3e1f7627ab0af2b4ea46715bd5505c12e3fc6afca5ad9f1110cc9492a3db660c01691a6a87a4c2faebccb483009dd
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.