General
Target: catalog-245528355.zip
Size: 50KB
Sample: 210513-lvcb8tmfa6
MD5: 17ac4027ded9d6df0b0ab4bb4175dfb9
SHA1: 7bf399491193cdeb2ffae157740296b811919fad
SHA256: d149e83c2ec92e82adbf1b35214e1f202c39d1cee5d006f74e03248adc50c833
SHA512: 3059e39e1e8f09c268aed4bd6d444936f9e6f7a970fa8ef1603f19a67ea94938961142732542a6331039ae2563f687b24377763826b264be4c9d1402d3c32190
Static task: static1
Behavioral task: behavioral1
Sample: catalog-245528355.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-245528355.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-245528355.xls
Size: 367KB
MD5: a0d337478fc0d8357ff2ecf75c65bca7
SHA1: b7f9960c2fb8fe6d6452b7b117a6ecc38acc5df6
SHA256: c23a7cbcf95daaef69522f28b4d9c9b775e30f767188749bf658f7d183e2025e
SHA512: 870ed4aa0e5aa4c61823c1bb794e9a5348dd83ff961203eab169c99079fc2d0058dfe31431ba63155a54bfb1ec65341ad2a502b3bddd7e0331a29468c7ead332
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.