General
Target
catalog-1981251487.zip
Size
50KB
Sample
210513-qtnbslqqrj
MD5
81fd45024370bb870d7ddbd148b103c2
SHA1
af7c2ab58c5a17244689352a98a7aa2c1414765e
SHA256
55ec5f94b7ac8f0564f13a52ec53b4008d3a3fd9cea3b603bcf96bd285ced46b
SHA512
4bba690b58275b487b5c4436b6819b1e90363718be29fecbd44f1b993c753313d6b7fd6b961893f5407fed09ff3eb8cc695757cbb0e29a091e191ec6fed41d55
Static task
static1
Behavioral task
behavioral1
Sample
catalog-1981251487.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-1981251487.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-1981251487.xls
Size
367KB
MD5
1ce3ff8075bd41a50d249a074aa25e89
SHA1
23c40978c1c63824aeefeeb3f420e9f073272675
SHA256
fbec2cfe17c29a256bdda91314514e306d4e7d863733ef90b507e543c0df7214
SHA512
ee890b932405a93a5bbe970ec7cffff1d23e2275c8c21cf95f134cd1017d9f9bf32d6ddeccc84527e9b06a75360b2b3171afb52e12c134f8e6d23698ed9d4959
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.