General
-
Target
catalog-1928390963.zip
-
Size
50KB
-
Sample
210513-m7de4h9c9s
-
MD5
e3d4b0c9517422313563ef162c11b85e
-
SHA1
5e578bd11cdd0d3b875f305b9629b54e7040b6e3
-
SHA256
d7c22ea6f65fa96258ee8e36b5e575185e3cb6dde9a594a1e7d66bfde7462d0f
-
SHA512
2aece8d42365341966b5080184cd1f9ea65b69d98db764d75ea28aa1f0fedeb4ab91ad6b2652e6942205cd45480115926dae2bec24bebace0fcb89145c6051ef
Static task
static1
Behavioral task
behavioral1
Sample
catalog-1928390963.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-1928390963.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-1928390963.xls
-
Size
367KB
-
MD5
19c386a1ee1578999c48a374f65a496c
-
SHA1
d317e939908696a5f011ec547ec4a2ba951a6a50
-
SHA256
0c499c9b41777ceab162e875af5b101d8495f02ffd285c02d31fcaff9c6940c7
-
SHA512
b1a48dcc3ccc1dd9c4ad902b3f0b5d4289b824249e8403aacc0cb463b9f776efb79364887b2076a93fb0e804ba5306e6228975dfe58a32f1cec1022342956175
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-