General
-
Target
catalog-249397.zip
-
Size
50KB
-
Sample
210513-jestr8a3ve
-
MD5
f5512ea02bff5e45e5859f92631c2455
-
SHA1
832d442fedf73d83e29ca3dbcd275bf2030a179c
-
SHA256
a9dbf7b6e18c909880ffb9776eee944cd35745933c22267580e779cae371ead5
-
SHA512
b072f9eeb57a8ffb665711a51359c9b40692ba59c3b88c6d0428f7b50b7519f8bda29cd8f4241eeeb5c8189ed22f406a0e97c8d9f7badbeceb7e1af2806f0c55
Static task
static1
Behavioral task
behavioral1
Sample
catalog-249397.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-249397.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-249397.xls
-
Size
367KB
-
MD5
b3905a4e83c1bead87d497b30c37617c
-
SHA1
ac63f819f6dfee2b1d5c9e6c83f4068f3467e380
-
SHA256
612372ef00effc54e2b9a975704ae923ba9161fef0fcc94f4b4018275b9f434d
-
SHA512
b9f9b6e36c3f6559e1884097764db5110bf0b35abdbee1bf49075b7a92d81a5e0bd517b0398f1d051073b74f48c63f9a8c7e5400715144d8f97f2bc4832dfaa0
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-