General
Target: catalog-1977979364.zip
Size: 50KB
Sample: 210513-ygl2d4ay5e
MD5: f967b1515795ab3155e930917933618c
SHA1: a8395e78e5f094dbf527698499f5b1c1781c37a8
SHA256: 19f9386be36c5a6d83741c5eda9ad8c731c035f000ba19bf26317af7467655d5
SHA512: c210d505e5eebe885e09d76c354947c82864b87b88280023c346fded68c210bfd320b001fffac6f192decb23ddccecff2c4e27dbef6cb44bd3bd6b6e4ac5ccf5
Static task: static1
Behavioral task: behavioral1
Sample: catalog-1977979364.xls
Resource: win7v20210408
Behavioral task: behavioral2
Sample: catalog-1977979364.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-1977979364.xls
Size: 367KB
MD5: 542daaed277c1dbcd2428f129f063446
SHA1: 40d7febead1825ef1fa1ddbda956db673a655b84
SHA256: 28e9c65dc02ac450a6c1b3b14ec119a3e551a72ee79d8db484e33002ca17508f
SHA512: d3a92bd2408efd280fc87f9d2334850d287af4d6595243acc92573ef50fb17cbaadb0838b760933cb4268638d0f19ae832bdef5db0b8c6219c5b5940bee7b200
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.