General
Target: catalog-2128875808.zip
Size: 50KB
Sample: 210513-xfeat24czs
MD5: b7506b267a0f95e209ea175f36c3abdc
SHA1: b2dafbf6508f5afac8ea2ccd9f0a45d1b1778a01
SHA256: 010ba7fc1e7761a8adb054eaf1258ac9e15d584cff7936fd01e2f14ddd4f1476
SHA512: c4539fc60638b965d71a8cc707059d37381ce415cc490bbfe5817159433f45d07860010c5f2e4d3dc577964a2cf7da356166b2f1636bc5b4356f847473792971
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2128875808.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2128875808.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2128875808.xls
Size: 367KB
MD5: 864eaf02552de6c727e9310eb9cac578
SHA1: 1e9fa89e689e4a62db7aff326a5427743709efe4
SHA256: bf079e444a7e9750fe3f3090e8d5c78447009427ad01e8cf9037653716809b13
SHA512: 88b49fe78611e7103ad692c8fedd66b96851225ae6f333ef8fce226e47d1d89d8692b2fe48a5eb73f66cfac7a2c3db0a264fe747ea4dc4af7062c951c5a4a3b4
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.