General
-
Target
catalog-2092578801.zip
-
Size
50KB
-
Sample
210513-nlwtx9szrn
-
MD5
0c6ad2a5390f98aa72a8bb2f0a44b390
-
SHA1
33de7dea15fedf2008d80bab3d61c0b334a9f601
-
SHA256
d5ab86b3c119a19fab929700b85a9283429c24b897cb14bae395899f334371fb
-
SHA512
85453836ec1c51295af01f80a208fd8cf436d237b77650835f15c30704856f67cc6adb0a6b60d91745aaf4e708c8b5ffd7b0fb1573409aee6ffd331e541b94f4
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2092578801.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-2092578801.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-2092578801.xls
-
Size
367KB
-
MD5
ddbb7fcf608649aafaf9c1a468093f0b
-
SHA1
b9ebbf6ac9fb14c2f070fcbc445ad951ed16bb67
-
SHA256
2952cd1f5f7cdcaedff7b14fd16ee96f4b9a41a1651edc9330a5e4129880cb7e
-
SHA512
2e07adbc1c743b4e2142a1d82d50f4b1f6e5bbd7dfa85d085835458cd7b0c5520cf021339c3cc68ecdafbed5af85e920edc07c110770d4cce25d25e5efd8d1a6
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-