General
-
Target
catalog-2126809506.zip
-
Size
50KB
-
Sample
210513-hks4fs1gxn
-
MD5
3cf38febf15cfb7509c4e736bc1a69e1
-
SHA1
986d38966415f15ae3d888330ecfdfff87e6c098
-
SHA256
aa960c7456fb4f3ab04a5c4bbb700f4275d4da9f2a4a7e47461762d20d3df64e
-
SHA512
f18c0b640f1c6b24216225da057e61a7afcdf63dbd5c9c0210d4bd0ee435fe06f425829c107acdd02e354c0e9f21a2776c9a639669b0d38e6333e2f1337df519
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2126809506.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-2126809506.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-2126809506.xls
-
Size
367KB
-
MD5
396ab95aa59bc4ffb902be33b907ad71
-
SHA1
8f5b7c9ba6cc318d9b5a80e2086d3647de06f5ba
-
SHA256
f5c0cd884f0ff921534c2fa1929c5458860ee75b1bee4f5377e2771e2d559fa4
-
SHA512
e97ffdad35cf03910e043cd887145252bfea5e2297f68d41e6d04e69fe68bdaee21f2383888b675baeffa21983b1ace3f0f7f0d3386daea80f1bdf256c6d42a4
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.