General
Target
catalog-1971983960.zip
Size
50KB
Sample
210513-wpqwq7hl86
MD5
f7cbe4e2d91106d380e1cd0cd6d72a19
SHA1
92e2735acd856f454942ed9ff1c086258959b1a2
SHA256
d768b54b28129fb5ed7105396a76cc46a74e46644c01a2e529471ca67c25f2dc
SHA512
ca43dc88f081173d26aa847026fc785524b51750ccec2b26358ab55839a34b1bb01f828e6a471a32afad5120894a3f00849c77160babb04de522aa1bf450a665
Static task
static1
Behavioral task
behavioral1
Sample
catalog-1971983960.xls
Resource
win7v20210408
Behavioral task
behavioral2
Sample
catalog-1971983960.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target
catalog-1971983960.xls
Size
367KB
MD5
d028f64916d4f3bbfa2b2087ed469aef
SHA1
0d626e3ad3226b5d63e92f9cc434561f146b6277
SHA256
30f267731c59a76c1849a66ab62ec5b500b19adcc7b157230588d089d0e28286
SHA512
4759e6f54a94b7243a1a0c916c943e40e9c70f145d39592071aea86dd4fb2d9f9b8074ab3863acd6a044ee826e1f920e9f8970669d94161d6b9a0df17310e42c
Score 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.