General
Target
catalog-216235674.zip
Size
50KB
Sample
210513-mts7dpaz1s
MD5
cab90cd2abce0dd673ddd44d7232b936
SHA1
8ecd301c38ffd452a4ec020d369677e75308d5e8
SHA256
5fa3dd7b3ce99c0871bb5d8ca71d9913c9d357632f4a4350846c91159574ccbf
SHA512
b15218b8dce70261de3cef251a1979ca6a42c69eb75976b31ab7ae1b580b9bc7af1afff83b3349703a301fa8546a108579b639ea6f0a94fbafafe24af8e9e40c
Static task
static1
Behavioral task
behavioral1
Sample
catalog-216235674.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-216235674.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-216235674.xls
Size
367KB
MD5
6bded2a6b0a1b9ec13b5f8180f6b12fb
SHA1
02420d9db0fa0c06a3b330ed828d42a2bfd7a147
SHA256
3d346e6c15d0d025ec9fc4b3857625fef81f24e6b924baff7c5372d0eb378112
SHA512
58c50e9bb4efc69ffdbe6198eb7747ff6c2358c100f97ce4e3e2bc89660459fde30de03851a69e36a2b781a02ca62c168c2799b01efae85859230d93c7932bd0
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.