General
-
Target
catalog-1970035851.zip
-
Size
50KB
-
Sample
210513-fsgnbeebms
-
MD5
06195e6171d46e37abbf8556b02e412d
-
SHA1
712574c050fda79b3ae9b573ad5d6762b2ded1c0
-
SHA256
4774e1d27fe7f316778ee52fef42613aed1bd5067b356c83e7ec89bf1b953dba
-
SHA512
71667fc327a606ef88749780ea0655f52f1062ad3f6a043f387712ae4926d07af0cb40cb3e61d8ff66a0a7b303f72bc2cacfbfc2c6dede33b551f9aef2155015
Static task
static1
Behavioral task
behavioral1
Sample
catalog-1970035851.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-1970035851.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
Target
catalog-1970035851.xls
-
Size
367KB
-
MD5
2596aee4f556f411d4454dd01e0747ed
-
SHA1
c10a63ec740fb82977d44196e5a28d41e56d483c
-
SHA256
3800722117bcd77d739f707fc2122824354caae472011882ef2c3b784e64db20
-
SHA512
7dcf6049e17b9c53ad1c4e91e7221df1f63888af0c56750a06f852a9940866a220f9fd3a532016a5fbf6f64fe02915154997fd69491cd79080e02615102c59a0
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-