General
Target: catalog-1973695876.zip
Size: 50KB
Sample: 210513-ntv8p2tm6x
MD5: 3d276bc651e0e1d816a51d69c6229c12
SHA1: 237f8954e2d7ef42b5b11c990343b45a26dade88
SHA256: 3dd2c1a9b67beddcde5fd1e095c982f963447144a30c3853212e682d7591162a
SHA512: dabb5dd74b6317837c21bfdaf4b3a7e7a5bbffe748571d9ae220206821863cfe47efeea4077d189b5beef92a89bad3824bdf48cffb6b028bb82d3110cda738a7
Static task: static1
Behavioral task: behavioral1
Sample: catalog-1973695876.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-1973695876.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-1973695876.xls
Size: 367KB
MD5: c3c8eee0c30eb2226f1563de17851938
SHA1: 8aeeeaa3ddbd0c69ef93292ce41a09c277a09084
SHA256: 9edb5d2e6a217847387b43e8a0c18a898299f4629eac73a79d47ca67fb4729bb
SHA512: 606616929ccedd4bfcf9d2267a43277115ecc0963422f0c49aab477515b924f74c06f5758359c87e54e193c354a37e498d6693648ccefbc3a793b4ffc6ef89c8
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.