General
-
Target
catalog-253019122.zip
-
Size
50KB
-
Sample
210513-mhmjlspxlj
-
MD5
f532c4a0e3825cbeb416403a32cfddf3
-
SHA1
635860ecfcaba6ef3e4576060d78a198de99092e
-
SHA256
921e6e37c31b1273b88e4b60d148d90a674c1ea58150e0120ebd62a832d82724
-
SHA512
01d1d78e0e48316a993c8673acf99a4f36c92f8a5ff8c5471ffef0bf178a80b3be22f78c364c8abc3fc007b1063824dbdf5c9137a6eadd30b68f00f9dfd0648d
Static task
static1
Behavioral task
behavioral1
Sample
catalog-253019122.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-253019122.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-253019122.xls
-
Size
367KB
-
MD5
cca3648fcc56dbe873ee8bf7e4138e38
-
SHA1
774f86b2c86969876f818468c0161806433952cf
-
SHA256
355a3ea3bd8c056d7a870b706b7e3fd5472672e2bfa53e9967bb606ffb283f6c
-
SHA512
fb7f6e71df53df4a2fe6a77ecb14ca8811017f4fa8adeb3fa14adc09d0ff4989a23f5343f7f4630b77e6c87db585dd7e5412ca1973ace897c49078bd67282897
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-