General
Target
catalog-246484755.zip
Size
50KB
Sample
210513-jahs4fysp6
MD5
5aaf7eabcc73aae53c448809049efae3
SHA1
4b2f18bcd472b6eb762b9ad252f39855bf061e0b
SHA256
e5ba5da052f9d1d94f512bb2e68b6f73e6eba72182d563ecafe251a9b66b2b25
SHA512
974a4116edcee61cda7fe9f86bed0313fd807f6ddaed27a68ac7a200f14e04b2f9b5311fa4fa089267b237bd39f22ca63c15c72f990ab5317d4718cbf23a587d
Static task
static1
Behavioral task
behavioral1
Sample
catalog-246484755.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-246484755.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-246484755.xls
Size
367KB
MD5
4202510d10185f6f3b811f261a365870
SHA1
c5142a69e1903cd1e6d797e171fb6f080062c8d2
SHA256
c23077ac89e3ead5440e855f4c430bb3efe97d6dc4674e4ae961f7eb32221011
SHA512
20454e1fda2f34d876cdf9312e4f5f0bb9a7a2896553d54aa50712421dbaa3c8313b1637afa035c5d7f63419de09baed4c2c8e115d6a911af5c71294a031a119
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.