General
Target
catalog-252530016.zip
Size
50KB
Sample
210513-p5ytgne2w2
MD5
d0dc04dac74d4f39405828a4eb232f75
SHA1
8782a198dfc36be47e1e43fd2352d2f6d235a314
SHA256
e886be896051c182983098413e10014a7d233d8ee8a2ce905e1b7d596257a82c
SHA512
fa17d4b5d8465378ec381be2e77b75edbfaecc7e982e17759ab876762bf861b12c6506633e987ccd353e1964cf1dc896ccde18bdd6f147dca8fe63e1339560f2
Static task
static1
Behavioral task
behavioral1
Sample
catalog-252530016.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-252530016.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-252530016.xls
Size
367KB
MD5
d499f711b77a5108788b3431b975e434
SHA1
12ec75fb5bbccbe5bdddac2a9d16051a9f0680fe
SHA256
afba3d1b5dcd50c02dc0d0b8289290d16e135e75f7ac73b2b28d8564c0f09466
SHA512
59ca06fccb07006cfeeea7d4059419510f4f857a312a1e7caea81a3749021fab877811ed162234f12c9fc1aec4825f76e835d86a6999dcbf8d0ba3b78811528c
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.