General
-
Target
catalog-2108526620.zip
-
Size
50KB
-
Sample
210513-qspz2vnq92
-
MD5
ee1c197c11a7488acf2cdcd44f9aebce
-
SHA1
c124ac6b47c923c1b0f5c5f38be00759684f8da0
-
SHA256
87ff7fe0ce85c32f7c4080714a75c709dd334d7c5f2a0344c108cfb146ed93de
-
SHA512
97a30247950783f597b86c8dba85fb68ec2f32ce5da1db03d3361b3447d068ed9a30d28cf3b2d1d06e0d44846f9cb57ac2b740c19f87d155f4e7a126844fe0a6
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2108526620.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-2108526620.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-2108526620.xls
-
Size
367KB
-
MD5
06c387ee3645fef3c674a6904faf84ba
-
SHA1
f395ed424c6c27e0f6a892a16d7e5f088202c9a0
-
SHA256
8626acd732f4ff0d8ac163caf598bb64cba245289c31d7c468cb86ac96ff7fa1
-
SHA512
2f80fea186e814c0b73daac80484e69ba9c4dbc6a3cd43cf521ed3773498d5af2c35ac76a02b24700859e1d220cfa4e9c80e2e62fdc5f7a91b73cec213ba564f
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-