General
Target: catalog-2077572488.zip
Size: 50KB
Sample: 210513-svwpy3vtcs
MD5: 6292d8285cc0839783a92b1896668bb7
SHA1: 9942a353a1ae6fac1c538ca82dec2a222c31d885
SHA256: 11a82d99ae5fdb5cc4438188e30ebe799356cbf1671c1c893f1e797ea1b516ec
SHA512: 2e107711559bfacc046845cfffeac5155771ff2999156fa5d6754bca12e625418d50755eb771b4653c42764478f623e5eb4e5d8724fa8d6c9bd9d56b3b450d0f
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2077572488.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2077572488.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2077572488.xls
Size: 367KB
MD5: e2a2ab5fed81c1abb6ec1f2326e65cbb
SHA1: 8268b9deff37f48e97c27daac52022f92a2988d7
SHA256: b12eba05ad4543196d272b3593e19cab66a4e0486c79b0344c0f9ec98e98ae02
SHA512: 258090cebb97aaa9a3edead37de2fdaa2eb38e3e5de2d86183503f7acac7c25504f8f8c5b13b708612bc0a72b65fb1dc64ed82e2ddfbce0bb6bc94d8a829c75f
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.