General
Target
catalog-236752457.zip
Size
50KB
Sample
210513-mcrmc5xah2
MD5
54ef75dc45e951050276ad66f5fd1415
SHA1
b6f8c4c7a55193f26ab8ed9739657ab726ed8721
SHA256
a138c7938e093fdea439fc17ca28f78d1fa6ca217c971773c3f25a94992cb010
SHA512
eb880ef543a05d93d15a90a2545307ba1bcf527a1a1c873b14e99c61c06be4fdb334bea25ac3190f4fe6de8f8b2a3d63c834dddcf96ac356c68ae7149d929285
Static task
static1
Behavioral task
behavioral1
Sample
catalog-236752457.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-236752457.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-236752457.xls
Size
367KB
MD5
4f8bff7047f1dc6470deda5dc56eaa38
SHA1
ea318203289936b2facec1957f662baa50d6d5e4
SHA256
501d71d94f7dd2de7abecdb76990f964a12c56795c3b4bf592a289fb55bac8b4
SHA512
904c5622c8f8172ef28fe90321e7aae88f6050938ba85518023620a344fcaede45afa920c1336efc668dd5c09eb822ce400b86fec69b17bcd32538193e98bd87
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.