General
Target: catalog-2078447845.zip
Size: 50KB
Sample: 210513-rltxydvena
MD5: 5697e51af3c2ab2ccfed5c4101fad690
SHA1: 532a5b4aaa2ed0f0a5daa80b87fd6e9d9b54e587
SHA256: c1627c5e587ab1dbf29c0b53d843e0a0e8b95e8908fb19a2546db740ec600c11
SHA512: fcb543e6ff588d1915a728e001c39f7bf609965ec8ee3a5c18b2ba62a0f0f209f777b4da9ea1ea2e2e79bf9fdfafd21b8fd95422ca659b66f0943f14d2b189cd
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2078447845.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2078447845.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2078447845.xls
Size: 367KB
MD5: a6d54af54cd22d49bf1ad8f3ffad8aa1
SHA1: 1b9fa1a030acbca01a82f2bf43a7d368e2b614ad
SHA256: cd3af5d1c2ca5c7ee66d05bcb6e4113fd8e14821587973ed293ce5c9c4e0af06
SHA512: 5ec1b5ef5e6c762f1cec8b2de7d897f6f8de0782255acfddeed78a518f62018a536b906f6a912f700877aa1bc46eb79286fce4563884999025c20257116ec870
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.