General
Target
catalog-200342936.zip
Size
50KB
Sample
210513-qpeaj5znn2
MD5
8e6f23938acc673f184dbf6815553319
SHA1
e5337386bb0b5fed528db424b34aaf20a4543da5
SHA256
17ac448075a0012cfb3256531714208d8445e31cd928a5e2730d5020ad589012
SHA512
4cd277151cc5220a9821abb5992cb9cd0a382939a1753dfbd1501544dff3e384e9d36b709cf50753c3e75cf639c431359847e674072656d7784e3c15ec9969bf
Static task
static1
Behavioral task
behavioral1
Sample
catalog-200342936.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-200342936.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-200342936.xls
Size
367KB
MD5
9a463d361231979b3af1aaa5bf3bd984
SHA1
07fc4a32d845587574125b4e9c1197063e0164dd
SHA256
ab57c5a5efcfc2c6db428c189123459f8cd2cd44ed969121f01a6553c21fe593
SHA512
544e5b1a8be1daa94d3b685536138f6f4c4f8aeb46e4603be52b9b8e4bc32f462acd3e43d737ef461789d42dddd1efa0f84bdf6c425904c2d1a1685d42fcd285
Score 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.