General
-
Target
catalog-2067790092.zip
-
Size
50KB
-
Sample
210513-h13xql7fz6
-
MD5
1a3ea0b08e8aeda4826b134e5ffa866f
-
SHA1
46e17006b1f1615e8fd0b6991181c9a98d5ab5fc
-
SHA256
6a85bb6dd317fcc11de29c8515d1ea380cc1df8263ede0df939e20bd391c061f
-
SHA512
3e5acab6e2be13848c8cc23d685a721bb8c07369eb0becc037cd4b4483d4fcd71bea5bdedd1722c18940bfcfa7ee9b60ca1fd269ac6621c6fea9297f7372198c
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-2067790092.xls
-
Size
367KB
-
MD5
0e233d233fe28fdec10cc9840c1e347e
-
SHA1
79b4f1fb4d46a42b21a47a07626dca0944ecf243
-
SHA256
ba0435c6e249638889beae55cce35a295588435c83d4467d2e01422e0e10e6a6
-
SHA512
d72164de9d8f48a5e2bc710f568ee4d4b10c2c9754359c1d418256a24ddaa4bb36aeeda08abc71e59d7ad2af13246713cc1ce9d51e666c87fc15f4b028f929ea
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-