General
Target
catalog-1951952698.zip
Size
50KB
Sample
210513-n1cgyyq6r6
MD5
bcca3ae27b289254a3ae15170a2eec47
SHA1
3d27eca9329e40fc8d66b3cca551d8c87153373c
SHA256
dd5882435ec99aa9b269d1edc694987f9647774a4eed5fd688b2be7bb5dda44c
SHA512
ba55d290a3463ca54385f72e5b8df0a2b209e8aa83c7953aea33d5d41ab7f1512a6bc8c409c9b0f092ad9d65ca85f68738ae102057c62edb819ece17635afc15
Static task
static1
Behavioral task
behavioral1
Sample
catalog-1951952698.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-1951952698.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-1951952698.xls
Size
367KB
MD5
8ecc01131dd65a9798f9c23e64f50a67
SHA1
9925b3b1bd7d23accd232e4f607d73e9cb0e502a
SHA256
318ad4ba3470f11966f91e5d38fa22ff1dff1a78102fb3c1d5a059cf68e69bf5
SHA512
00794868a2756f55c9c6b6ded3bfe8a88b9c9c6b8ad3dd9d59a2682463f014ae371e39e36eb589c34fcb572f104a2d9d9ca4cd298296fb780cf46c4592627de5
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.