General
Target: catalog-278882111.zip
Size: 50KB
Sample: 210513-rl96mer4qa
MD5: c3bee211876e2dabf069a377f1918612
SHA1: 3502f69bf0aa6d666b80dcfde623fb401cea9696
SHA256: 12d3e0fcfc1a918e3dfecc00f306387735af877396974359e36236c78fea6137
SHA512: 526377ff5cc9048f40dbacc1e289e86a1d5a24888277c1dd3a9018b4635e1be5124bd38ed556ab3fab0c23abe150eabb8722162048ebef38e4cd3830dd6075d7
Static task: static1
Behavioral task: behavioral1
Sample: catalog-278882111.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-278882111.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-278882111.xls
Size: 367KB
MD5: 0ff6abd132e201c61675b446982cb4d9
SHA1: d56105e9c3a03eb1a7235d219270b251344ad892
SHA256: c4e0273f94893712ddd941d8060f0d26fa222922df40cd4fcc0cbc4d92888b94
SHA512: 60b2b7641c6d00a7e21a72ae2e1cabd688dbc2f13c5e91264ace4b4de96f38a6afeb6980190428359cfffedde8b4d93a35eb7409d9c9879c75a0e1cbd7cd211a
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.