General
-
Target
catalog-2053425544.zip
-
Size
50KB
-
Sample
210513-hffyagyv3a
-
MD5
a157eeebfb226d2072af02dd0985b744
-
SHA1
854d2358cc079d105e0b8a858bc5207a5ceb99d5
-
SHA256
93cbac8660d1d5fbf3035e133ac58444d259d7ffd82924d07a625b9a0fc2588f
-
SHA512
2ff1d930e1e46ddf18b5c451bc06a623341e1f66b6bfd16f62581fb0ac33675fa13c596170db62a34a3fc9ab22f1138c67e96decfadc29ace1269748ecd56138
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2053425544.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-2053425544.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-2053425544.xls
-
Size
367KB
-
MD5
a58070871aa8faa0b298d9ac99a9c7e3
-
SHA1
fc4dd9556d02fe6df6a441ff22c8e9011ae640ff
-
SHA256
971e709a346a79f43ba5956835cd685542eba41ba8adaa0171e36b2f73c6b0d5
-
SHA512
9e7a7dcc2b3b0bc7ad121b23bc2a760863caa8e3dad9413e7cfc0f615250961c1d22a838ea27b34e5b5c5184b83de006c9c76d5633ccbd7149810ece7574fc71
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-