General
-
Target
catalog-194578415.zip
-
Size
50KB
-
Sample
210513-h58rray3es
-
MD5
9ce9673269aa3fd8009f3ee6094a5377
-
SHA1
456e60a005e55be595d5b70de18ae4be1170a8c2
-
SHA256
bab587a850a7952d70723762f4c07f88faaf780a96116000f499716dde9d4b2f
-
SHA512
6517e7252cbbf1342ffe2ac610eec4cf16674598822554451aade7308fc24f25d5eb3e38daa6bcb2112f828d53d03f9e2ba25cf86fadd9401cd169ce6fb6086d
Static task
static1
Behavioral task
behavioral1
Sample
catalog-194578415.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-194578415.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-194578415.xls
-
Size
367KB
-
MD5
b9bff82e12b808e5e8f2df9d89921c60
-
SHA1
2cb9aec2e2173e6c08e5281ea478f44abccec3ee
-
SHA256
15395a5ae5252d66b34ffafdc00ed7f2f04ea3207701a00ad46e71d66225ba88
-
SHA512
a6bbb004c8d079fa0b103ea4c6ae6c87144a320854ff9d06d9db1732e58efb8c38792fd975336bde7cc476a195a8993c55ab3d5de6b73426f7ffb1453cef6f61
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-