General
-
Target
catalog-2139266016.zip
-
Size
50KB
-
Sample
210513-sjptnsyqwa
-
MD5
61ae825adbf5413ccb2dfe1ccfb3cb9f
-
SHA1
278f8abdae76f86a0d495335dec66daedf4f0e41
-
SHA256
400c128b0756f2796bb0734d178616918e5909980b8fd490711ddfcfff58ebca
-
SHA512
597d4d5cd240503a51f0640c726dca23c36c128759822a6fb0e66e11128322dca150135ad7c25979bdf096ea8c40352a8a2930601488678b6c160f9d2ae36c62
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2139266016.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-2139266016.xls
Resource
win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-2139266016.xls
-
Size
367KB
-
MD5
37c6751eaecd773842215726fa45799e
-
SHA1
eca620624262b47eec7c6c18c6aae195915f7b06
-
SHA256
7c6d45888f95d211503c07414168d7d8362e1a188858b17f97b514ba8a4e91cd
-
SHA512
527c265b514a480e7a62ee5b79f2e44bc309b9f0eefaf1da5a76aa24d2e2ff89324df00e9aaa4db924e9dfef4c4bcfd20e57f1e6b5e1ec73c93167eaf5cead5e
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-