General
Target: catalog-2139086320.zip
Size: 50KB
Sample: 210513-zvgph5k8px
MD5: e3721c08e5e8c48ec7d813276f8f0dae
SHA1: 8b61cb9eb2c5fa33b64bb519fa719efe147c197c
SHA256: 3822bf638906a587b1810852af17e49b861b60525b4fd286b21fa6ec1153d944
SHA512: 943ffb7354bad789381e7088a190e75583466460fb4c9f76aefd7d0a7ea69d22f1e80547e7e31da9ea7f92a9f208130bcf710b54a04922e8ebdb2a3c2a1c6fc3
Static task: static1
Behavioral task: behavioral1
  Sample: catalog-2139086320.xls
  Resource: win7v20210408
Behavioral task: behavioral2
  Sample: catalog-2139086320.xls
  Resource: win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
Target: catalog-2139086320.xls
Size: 367KB
MD5: 9efe20e7dc4f210318048930099888a0
SHA1: b2dedd799f1a94e55ee747982418069727c38b09
SHA256: 8ea01326ff4161e3cd3d5a5098ccc9b3b89b9b8a96982508c565dd3c712f3ff0
SHA512: f20dd396303acd49f11be3e94b3bef24407de326765cb88bfc08a99d2e0e426551b95cbaa1f4f490580e16aaf2190394eb9f0f53ca19331b7ee15567deb8a03d
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.