General
-
Target
catalog-2092391987.zip
-
Size
50KB
-
Sample
210513-n6tkzndlh2
-
MD5
08253b5e16d587e6b009e00ba927d589
-
SHA1
4bdfed40eb6030272592407a8d99fa6a30e170ef
-
SHA256
cb803db868c5c9ca9afb6beabace8d8d56b8aaea584f6d7abe880c649b89cca5
-
SHA512
a53b90fa7b1b83e3f4aa22075c86faf2602590a510600caa17475a849400cd1424ad96e257fca0a6f393f10369bc2c9d1c2a8f2bc30b011a2ef292e48fab960f
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2092391987.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-2092391987.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-2092391987.xls
-
Size
367KB
-
MD5
bfba956a0060db4b1652555e49f4d4dd
-
SHA1
04136e538857dd4f6b51e34e4832ee74a35b145c
-
SHA256
27aee427afe05cfcda720658b55944a935bedb3023f8ab3e214d5e32a01b737b
-
SHA512
2176fc7a1f709cc9f20da2d76d813428ee222c2f4665a287a550872c992d1272800ae644b7cb30c22781dfcba4d7f7faa4c194e22201103e975ecb3518f2b285
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-