General
Target: catalog-268659284.zip
Size: 50KB
Sample: 210513-g5jap84t1x
MD5: 60852d961f037cea99edc2ad37364e9b
SHA1: 91eda43627be6375370b7ada1d311f2051ade1b8
SHA256: 17c3baf17d9554c9a4b2b97531a543e2b85c8e610e94166aff92b8a379ff02b9
SHA512: 932f9593bfb4c4612504de49bf868ecf338b26189bd1f9b4701c4fe8b68991a7746828ab75d08b7a818abf676d99bba493500afcac715cfc7944fb7b45e810c6
Static task: static1
Behavioral task: behavioral1
Sample: catalog-268659284.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-268659284.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-268659284.xls
Size: 367KB
MD5: 5f99884ea5bf05be70712229549b6fd7
SHA1: 6e83b69f00255ae1790193a619e26424c57adab7
SHA256: 7917e7cff57a2ae16153745a920e523398f7493a00151531fb4c2378b32094f9
SHA512: 6cc7620fd60e9cf1f19356df76b56bfa4a98dae64f40efc62f6af699bc05793043ebd0c1ae47c6861ba56a8da93e149507dd27e4bdca5cd329ed71ec6102cde2
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.