General
-
Target
catalog-1915702639.zip
-
Size
50KB
-
Sample
210513-zvravvj2tj
-
MD5
cf885dea5e13fccb9da732d82ddf7148
-
SHA1
d11e30ff2ea07303bdea32fb161419734f23bc53
-
SHA256
5e7952a503858821de90a6630ab1054fb7d1324ac09f02c3b301c5a7ca3c1589
-
SHA512
2c52a28d1acb382e145a2546755f16f4036f642b24e90708b0b9d6ad55872a60c0b6d52b0a56614a50df479a493c6bae86893d704bd83fb778e44afe9634c3d2
Static task
static1
Behavioral task
behavioral1
Sample
catalog-1915702639.xls
Resource
win7v20210410
Behavioral task
behavioral2
Sample
catalog-1915702639.xls
Resource
win10v20210408
Malware Config
Extracted
https://smartpalakatva.com/edQsUZOLlE/th.html
https://pilstlcommodities.com/Ov4FlB3lpy/th.html
Targets
-
-
Target
catalog-1915702639.xls
-
Size
367KB
-
MD5
10876a6690fc3ee72e28b66d11093677
-
SHA1
7f63d09326c4bf8427e9cad5bc9e13df78bba58c
-
SHA256
cde7d3bcb03f407090717fc2d8eb6e9aa32d43d67ff8d49d817ce6a59cccf3f6
-
SHA512
53aa3d7c3daa64bf6ca2da0f27ff84d46a53c374985e09739470c2ea4e5247f3772adc05702f0b75c21f841568591c120b608186ddf9d9636807865f8d833fc5
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-