General
-
Target
Invoice- 8765432345678 Oil_Field_Swift_remmitance.doc
-
Size
56KB
-
Sample
211021-w7z3vsbefk
-
MD5
14124094350a4280daa20a5328ec2954
-
SHA1
323f142b39d5a541d9ef68f98df26a28032ca12a
-
SHA256
f4965c1fcd7e5104b08e9aca3cc989f1a487f64ee791f013ef105f981d67e90d
-
SHA512
4cc0e648fbc349ea80fec1b55e047b388bd37e28c9a291f3b5a5f7b472be99c5c09afe12afaef9dc8776a802f42695998bc461523f77be922514972f421985ee
Behavioral task
behavioral1
Sample
Invoice- 8765432345678 Oil_Field_Swift_remmitance.doc
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
Invoice- 8765432345678 Oil_Field_Swift_remmitance.doc
Resource
win10-en-20211014
Malware Config
Extracted
https://sec6ur1.x24hr.com/g/soleApp1.exe
Targets
-
-
Target
Invoice- 8765432345678 Oil_Field_Swift_remmitance.doc
-
Size
56KB
-
MD5
14124094350a4280daa20a5328ec2954
-
SHA1
323f142b39d5a541d9ef68f98df26a28032ca12a
-
SHA256
f4965c1fcd7e5104b08e9aca3cc989f1a487f64ee791f013ef105f981d67e90d
-
SHA512
4cc0e648fbc349ea80fec1b55e047b388bd37e28c9a291f3b5a5f7b472be99c5c09afe12afaef9dc8776a802f42695998bc461523f77be922514972f421985ee
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-