General
Target: catalog-263875445.zip
Size: 50KB
Sample: 210513-vzkk4vbwes
MD5: c843f6daadebab016fc266a2c90f5e77
SHA1: 7b8478d446fb693039774275ddf7a1dd13e7ac90
SHA256: 9911b5a7db3a5a4594e3ce1bbc5063a7e486dda82f9f36ec34f7f4f1cf9db3be
SHA512: 4f3e5f48b44d71958ea1779308e80e7a14ff9902829017c2dfbaa0c122f99a16694e7e8c9b8556753569ed7cb70738d8c5792ed0c344f6134f503fa49ff61693
Static task: static1
Behavioral task: behavioral1
Sample: catalog-263875445.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-263875445.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-263875445.xls
Size: 367KB
MD5: a2b5afab8787eef21e0d90b379c81501
SHA1: cc458e5590733e958b246eed7be7ac02afe89af3
SHA256: 89a18aefed41944305db3b5c39880378ce1a8434d449c87fbf2cd20c2a903896
SHA512: 9d8f125eef07ef2952918a950b5b2a098d02bcd809e2b5eb4c18a151cf687b9ad38601ab6755da4b04697fa9d8b29c3b9c088c855282360a85ee612af850eaa6
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.