General
-
Target
catalog-278022828.zip
-
Size
50KB
-
Sample
210513-gcppqne4rj
-
MD5
01eedf61e615361134a2b3c54cb78928
-
SHA1
71de2295f0f0f4ded2d438d670d4acd028ddc751
-
SHA256
7b60c3d5e7027eaf4c6630d3bb44be2027d039425ab36aa833e3a3528f2dbfb5
-
SHA512
d1787ea41ec3cd403d61ed28a9add1127fbb095344a248e7d1f03c4536f06f85cc6ce30e9e259dbf177c564a4bba70cd3e6fe9abe9e64e50bc3e38e7bd1dbfb8
Static task
static1
Behavioral task
behavioral1
Sample
catalog-278022828.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-278022828.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-278022828.xls
-
Size
367KB
-
MD5
dbe134fbf21ba0ff980a111f85dc731b
-
SHA1
2c9ad12cb5b1e8e03fffcf50011fb8e413e43004
-
SHA256
a9e5c916f174d397944ee04ff75f36b4b2b9a1f945401d20bf72c85515f769cd
-
SHA512
b96e57caa9408104e54ed65a353adabdedf8258ce58e9d7a4dbdf796cea649a280c53b4fba569f8f757cfa50e8cbf0db1fd9ffd618672e92ffb1e8d4f2f6e9dd
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-