General
Target: catalog-246234812.zip
Size: 50KB
Sample: 210513-j9mahmhxss
MD5: 7d3c2e92271f2c1b7a37cc458ff3c2bb
SHA1: 74bd296626351a18e3e2eb85509b376aa668c735
SHA256: b7ac5bf81967d408a751c717509c98bc9773d697b9b2a832971b828a7927abf6
SHA512: 4b786c5f939fd9ea8b10f5651231fd3a5264f4e55139589eca8dcb9566c629f415c77d6086242e4eef284ec5a20ca341d959733023f1ec7ed3215ac6585567fd
Static task: static1
Behavioral task: behavioral1
Sample: catalog-246234812.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-246234812.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-246234812.xls
Size: 367KB
MD5: 961bd25ec4aeb578ad535a7d9721de96
SHA1: 5bac3d561e2f009cb071a66e2fff96f143d98cf0
SHA256: 7906a1c0e8e1160ee05b7d76739b56c824ad94b6ea62649479d80150381d8b06
SHA512: 3c0479c5dfff784d17207f1058de0dbde8b99f48c6f5ea99b42cb5bd23f743dd8c6e971e29a7076047a4b7a947b439adcf2841c5b809fd89f1c8edd6cde0ed87
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.