General
Target: catalog-2098741452.zip
Size: 50KB
Sample: 210513-zdralgnzfn
MD5: adad50c0830ae66fd1d3f115e562fc8a
SHA1: 8413c1822507fc317ca16b339d277fdca86277d4
SHA256: 516816611c1bfd046dd22367461542f760a14a1fbe06422f1ca5ca9580fb120d
SHA512: 46988cb4c078e6aedf8b262097d7b8a2eea8ef834586f0bd5f6ef3f406495ba9b67955048bb8a8bb41a32aa4020c7e8991cbe5c4120954908755df309b11d6a9
Static task: static1
Behavioral task: behavioral1
Sample: catalog-2098741452.xls
Resource: win7v20210408
Behavioral task: behavioral2
Sample: catalog-2098741452.xls
Resource: win10v20210410
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2098741452.xls
Size: 367KB
MD5: a55a762fd05ba03e1645d621935fb342
SHA1: fec20b078a586b75e32b3cd07876e8a83422813f
SHA256: db737401e289eaad9afb22f1e7808d8facaf50d3e297f134143fae9fa28f7eba
SHA512: c924c19992d74f5079fd2a5380b0471a81702f7fedf53dee74c3e855e2df4400a845feff86f6b386cc3f63534e5de4786b1ceb7428e839526a84c54cf5fa2bc6
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.