General
-
Target
catalog-1940915897.zip
-
Size
50KB
-
Sample
210513-srelghsap6
-
MD5
f152816a0f3f6a08319adceb9696420c
-
SHA1
aa283849e5082fd3d59973aff6946530cfbfe315
-
SHA256
d66bdca63e996f99b204db85ac4cdad64c6dfd502c84eee2d169ed69ec6f8e58
-
SHA512
f861c8639aab09db656aa4d07458bf0d62541b3759ba4449f281816cf384814f57ee05019559efa0f21d9fe74b4f8d407bc0c2de602c6a175188981a601f7fa3
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-1940915897.xls
-
Size
367KB
-
MD5
f89d243fb68446e093dcacf45b516a43
-
SHA1
7f594ff6fd6ca244280e447c0c4ae0fe59b0a84d
-
SHA256
f418f4343a2409cbe8109206047737666ad6593871f9d87816ffeae6c3e58309
-
SHA512
973922cf1e09e0948a4e2322c61cd8ee1cfb8d9874ca9852166d5fd6eb956024aa8e10eb29f0a810970e82b9761f8eacb667c2e390f23074785541602a10770a
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-