General
Target: catalog-2006600259.zip
Size: 50KB
Sample: 210513-yaefwarf5x
MD5: 5ec22259907def99f05e6a75dd872111
SHA1: 7c24c6e42b8a4a4e1ef10d0263c19c11752148cb
SHA256: a29c86e43e78cfb3ba3759f7946d15d826129031ee884ebe3f76ef2fa90ababf
SHA512: 5fee1c7a53bf139ff23d9fc74a55be0f87bb9cdb0da3124d66112c40f0606861c9b4251834e340ce633d1b1305c684680357e9c4fe2944343e4405ed29f6e8b5
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2006600259.xls
Resource: win7v20210410
Behavioral task: behavioral2
Sample: catalog-2006600259.xls
Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2006600259.xls
Size: 367KB
MD5: ed2013b4e4ccbc43be8f3a0413e099c1
SHA1: d039486f9775447792797d286467ac3d8ac987d4
SHA256: 9997a64dd776de7a5c84866db4d7278b8218b9bef0ff2167c520d4ba7dd07db7
SHA512: c914134e55b48faac35c333739dedd5763382f0b60bd08bff8a29c62abc0a28ed172275e2b573ba0da4d0e455d96c47bf45b6f92040b4091c96f2ae9a376534a
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.