General
Target
catalog-1986201310.zip
Size
50KB
Sample
210513-h1lmqnw3yj
MD5
b0992c3cb7302d47359028f9c8f73e03
SHA1
c96aed2995c9af6dcfddfd5b66895823002d740b
SHA256
a790f72fb9d00f9c017a11bb2a8525024feaae1876645ef79ce20c36581da6ff
SHA512
3794f30f554534026270dddc0f062422c654d220638808a231c37af958bc90fb08c0dd542a2694f6a29a89459621932433a12129f5a926cf6035e47504cb74da
Static task
static1
Behavioral task
behavioral1
Sample
catalog-1986201310.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-1986201310.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-1986201310.xls
Size
367KB
MD5
52c50cbe0437b646aaa52f14ec1a4e1b
SHA1
43be9e63407135bc8d9432d89557364e4deeebc3
SHA256
a19f600783fb45bceba9ca3773e3fef9f10616e87680c4e3aa4eaf1cd3446d8c
SHA512
2dcd0585952b6617568456551cd8c4a8271874016a8f7f11c10bcfe86f4139b4225b907553b296730dc9fc41f6b43b36dc74421c4b3a029ea355bc174190c94e
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.