General
Target: catalog-27665490.zip
Size: 50KB
Sample: 210513-n3rb6sfdj6
MD5: ef52d43f3218baf23251ebb8609c0c89
SHA1: 8e45fe5e3b179551ca98b4433e7aced9c679bd42
SHA256: 22a0730667ac9a4f7bb8eab206f45d3e78f2a95a0189223f2490b0f29a8c636f
SHA512: 9e172ed6c9f3f3c45da0b78912be319accde27e0ef5ce16aca5a6ecf225a7d9d2f1f6e1bb634174d2a438b1a2285587a0c355606f16ee17659e1f1a0a8f1345d
Static task: static1
Behavioral task: behavioral1
Sample: catalog-27665490.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-27665490.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-27665490.xls
Size: 367KB
MD5: 7fb342c371716de63e29a80032e0ba44
SHA1: 9d5297495c5b217ecfebd5eb92cae9f060559662
SHA256: d0660c3c933c0438bc9f9be8694112845fa14b2b28c759fa47dab1e712827013
SHA512: e5828669d601075e3559ceb770d28410a71e4a450cff7756c20e9bf1175cfe80711861615402f9c47bbcba7d06347a1d58b386ab86971e2f51ef1c6bb529a376
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.