General
Target: catalog-2013516395.zip
Size: 50KB
Sample: 210513-msmem1tehe
MD5: c457758b11ca1cdc09cebe9391554704
SHA1: 6606e336f5739e83608bf086eaa0015730d95743
SHA256: 60d9c70f1bb1c1f428bb6fb14a86ed07fbcb6d228d4628a1eb600c9236d93760
SHA512: 2239f026f19a75566b374b7a559792419c98e6df1b40e075cf1338795bf6610e9a1c896cfa4962b31524a3fe50b5d7c439411ad2dacb60a04c70f8f2b67cbcd8
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2013516395.xls
Resource: win7v20210408
Behavioral task: behavioral2
Sample: catalog-2013516395.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2013516395.xls
Size: 367KB
MD5: 10fa72ec3f271607f50229436be4aff0
SHA1: f11dd7f03f0558bd8e94116c44c1407400b583e9
SHA256: 4245ed2a0f5e4f3f8a5f5c6bd0ddea695c3fa2830be20d30627460564b3ed0f2
SHA512: e6bf973cb7bf245fb641bd458f0aa286efb3888d9b847e255d53e96bd4438179bc1915561b2f7842f3ea3351550b056af65217c47843e077c9c76621686b0955
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.