General
-
Target
Comprovante.ppam
-
Size
22KB
-
Sample
211222-frz5xsfaa7
-
MD5
56fc85bd91e505a96fe56c0881a98d3e
-
SHA1
8c99de3829f6c5a82d0dd96b55b5ae86b5860f8e
-
SHA256
62540ba573e873b816d3d956132804254a23207e6bfc9f7a371a68f5aa8090ce
-
SHA512
51634d291fbc74b5ff6242659f6d2202698c95bc74d4065772db6c69d5031dfa561ceb95d11074e0f3b2030abcb986ce80864bdab1b57341cf0c1d106ed7a7cb
Static task
static1
Behavioral task
behavioral1
Sample
Comprovante.ppam
Resource
win7-en-20211208
Malware Config
Targets
-
-
Target
Comprovante.ppam
-
Size
22KB
-
MD5
56fc85bd91e505a96fe56c0881a98d3e
-
SHA1
8c99de3829f6c5a82d0dd96b55b5ae86b5860f8e
-
SHA256
62540ba573e873b816d3d956132804254a23207e6bfc9f7a371a68f5aa8090ce
-
SHA512
51634d291fbc74b5ff6242659f6d2202698c95bc74d4065772db6c69d5031dfa561ceb95d11074e0f3b2030abcb986ce80864bdab1b57341cf0c1d106ed7a7cb
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops startup file
-
Suspicious use of SetThreadContext
-