General
Target: 5012239853322240.zip
Size: 81KB
Sample: 210714-z6flt8bjns
MD5: 9963bd098265909c79ce5eca8becea4b
SHA1: 9b4e1c143328fdf15a01c4ea407759b6052bb36b
SHA256: 283354922c7d5016e50c2fa98c702b9f7ffd94010cf519fb22ade851f830202a
SHA512: 818e69ef1708e52979fed7d0dd8be0419ad9baac51d66d37bf1cfa114fd80812fca498423aded427465c363ec9a11edb1168883f4d52852fe937aa184c22662e
Behavioral task: behavioral1
Sample: 2c09d3a56963998d19833b6edbdfbc3e58b62a58ca361e0275b81de740d6afdd.xlsm
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 2c09d3a56963998d19833b6edbdfbc3e58b62a58ca361e0275b81de740d6afdd.xlsm
Resource: win10v20210408
Malware Config
Extracted
https://carpascapital.com/gBPg8MtsGbv/ka.html
https://gruasphenbogota.com/C74hwGGxi/ka.html
Targets
Target: 2c09d3a56963998d19833b6edbdfbc3e58b62a58ca361e0275b81de740d6afdd
Size: 87KB
MD5: 5862ac9976cba84fe24e72dd6380d330
SHA1: a1605db9c23eeb3f49958447023d9ff85df14b34
SHA256: 2c09d3a56963998d19833b6edbdfbc3e58b62a58ca361e0275b81de740d6afdd
SHA512: 4e1d2bfbb72c4351046e739155297368600430cb1e891822063983b1aa98b5d4396bbc7673623b71dbbadb1dfbe279864c5cc4e3a4afb06d1d709b1b2493d8f0
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.