General
Target
catalog-1911367047.zip
Size
50KB
Sample
210513-j6fm3alhzj
MD5
06ac491c33768e0fc4a205e5d9e137ce
SHA1
ea5e23b66e89996fd0865bcb433a7cb90870ec5c
SHA256
11a9dda5ef6f101924c49ecde5c9a00c5c776fb71701eda53dbc83499920eb8c
SHA512
729ace2b9bcb756ea459bd1305a1faefec21689732c69b522be1feeca23cc29a99feaf5033ad6ce477d9f0296941d955a6077ea340d8a4c41c417d1722afb891
Static task
static1
Behavioral task
behavioral1
Sample
catalog-1911367047.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-1911367047.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-1911367047.xls
Size
367KB
MD5
3f61d6426515d7ac0ba8fdfb90ef78c2
SHA1
0c5c7265ad011416289b1d6a95c9581cab58033b
SHA256
5a4108e08f3a796a4e622fa488550b79139d45a80a6949449fc516713dbb728d
SHA512
b4409c6dde61d8d83803ae023ef8eed2f894ead6b30c54548e6b04b686f5b2e69bf440e4cd199c7eda69d8f324725013eb47387a9756a9f863cce0abbfdeef09
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.