General
-
Target
catalog-2057850280.zip
-
Size
50KB
-
Sample
210513-wefpgfkt12
-
MD5
47016bccca443dee0e0d964d96f76ef2
-
SHA1
e1ea43c7004766c8cf39a996f59c961fff7be589
-
SHA256
c3f7771ed282faf0fa4d16bb72b4d62b9cd22e232eb0c73262ec8fcae15bd237
-
SHA512
7107e313a38c0eaecdff661ee024c104110ef9092a98d9a00f5453c80c109363706a84445243858f246ea55b288df7fb371b382136543adfb1fbbd9185c2debd
Static task
static1
Behavioral task
behavioral1
Sample
catalog-2057850280.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-2057850280.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-2057850280.xls
-
Size
367KB
-
MD5
5a7071c7b0dda9e5d66cfffe22ba6d38
-
SHA1
eb5252172360301b8f347eeb46c12ce9bd67c7e5
-
SHA256
66e8cde19f269b216b400df999df8a0d700c632b9c131c533ce3943b5d1395dc
-
SHA512
3c00442c9364b427de3668567f2135a1075050ce9eb6eefbd00f6dfacba0e63f6cd9193887b25852cd94b5dbabe4760bf208715a9051eedd4c1cfb7b0acd1360
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-