General
Target: catalog-2002334876.zip
Size: 50KB
Sample: 210513-lc313wxap2
MD5: 6c8cda37ee35a6bebd838522666551b9
SHA1: ea9c9a9cbce1a2508f30fe5fbe6871730b9a257b
SHA256: a7f76f8da81c55bfec64abfee59393222011f4b649ccf454aa96f429c0580ffe
SHA512: d070321acc97b8f899b1548a759eedc763b4bd45f9c54d71c48649eb18dbb2fa2e0c585b7d39f534758ee51f9cdb137326ebfbcd1f04e6d78d2dce37014aa063
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2002334876.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2002334876.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2002334876.xls
Size: 367KB
MD5: 0e08bdad75c460921f3698efdec6f8b5
SHA1: 20303b3b0a8a750b79f11323154031bc00a5ffe8
SHA256: 38378a89f23b06462932894c7ce984cd0dc2dde0460aee62789e46389b759fc8
SHA512: 74948e4a205b2e9437415bf81b1af7f95a0ec190fbfffb269278d90ddce5562d5c9f6667e243a52985815d3389c8b77bb60bff39d2f59672f467a8ead8b91f5a
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.