General
-
Target
catalog-2073106428.zip
-
Size
50KB
-
Sample
210513-h88kh76dga
-
MD5
a009d4d421446debc15415074a57bcd4
-
SHA1
4b687178ae21a556b2d22e0128538987930c7ede
-
SHA256
c1f64b4f084b37a231990814c431e7d4eaad3e2cceb5a38d62f4f9f79bcd9ffe
-
SHA512
bedbed5327d2c3d18782a0f08212d59be1485bfdea9b8d9d9a70ac1f9e2e6de9d7e23850393b4afecfa230797a1f6d4d9be927b2ad8ea28afef5e48f64fbca29
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2073106428.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-2073106428.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-2073106428.xls
-
Size
367KB
-
MD5
5bef2a4476c22f91d4b77802cbbd66dc
-
SHA1
abee3e6b5e3a1b8c0d120387a11880f7863077c9
-
SHA256
5aa78f2233eedc785ad90718ab50f74f23e893ff3523137b6bde7fea883280e1
-
SHA512
439612d297e1c7f0fb56c43e80c3d260f316fa17b3d9fbd8cf3c09f5a2330d450208935747be6d814345db47c1c752769e182db2172d08e988fc13ca94ddf81c
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-