General
Target
catalog-2034469038.zip
Size
50KB
Sample
210513-retbxzhgea
MD5
f04aff29ab5752fa7089825d56877d9c
SHA1
55a2384a221cdf9e82b8a89276376f1ab8e84958
SHA256
8ca364ed7098ed2237f9f888352f0253a2aa7c79eb8372210bc9484d0e17a9b4
SHA512
8ae7de838d55a6de33ac49cde3db3dc9c1589b768d5681142ecb537d3256c52b6bb6c694de2e689c382f37167ed439c84867c8bdb031cf22f257b22d81bceed3
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2034469038.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-2034469038.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-2034469038.xls
Size
367KB
MD5
8f39b777bbe0f2eb8820d03771b36499
SHA1
38b041907c0678b88b1077996219f77d8ed69c1e
SHA256
6a25a246beaf052796432b25ef9b1589930d867caa49ed6772b73c3b3cc26c52
SHA512
65483f338c127b7703912d284d0aa70f6392fb9824c92c6657abeae12f9623fd9bb464f12f053d883f6189cfb884cf895e53044059084d4a9820fa38147c535c
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.