General
Target: catalog-2030122485.zip
Size: 50KB
Sample: 210513-ws126qzwlj
MD5: f933eb54fe778e77938ba8f2f6a4427e
SHA1: 51eb8adda5c9280983a5dd5d9f1d1afcc19ab68a
SHA256: 40b4f28e570212d31feba7afe60edd5dde669dc01c7994c7a819fcf778125520
SHA512: 786323b8d296576cc4687493f214c42b1acc4a1f2605eae64112818b2228fc0ea35f74702c7cdb31e5b23d160daec47ba29a8bb1f99883272feac2f15ce018ce
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2030122485.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2030122485.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2030122485.xls
Size: 367KB
MD5: 84bd232f6e7b2e8d1de94d149203ef45
SHA1: d9d4e395a1c2b7d36091665b8734ab553525c207
SHA256: c003c1ac0e1eb457de15bd41ac146519c2aa35effff53e4993527495836f7def
SHA512: 12a4e07a1ddace61682fd9b67ce93a611ac3293f6d53247a59b1b819fe02beded432f89238ff0c90284fa17c7c263c2c4e142d0f4e46664acb30687748861a92
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.