General
-
Target
1db259b0063d26f9af684e7246d336250e289514a4e900eab1337ee9981a866b
-
Size
113KB
-
Sample
220111-zvjf5ahcb9
-
MD5
1db77f0d16e44a513d941c17e895dd02
-
SHA1
a8451288d8309179bb580d9d6949ee23f7a24eaf
-
SHA256
1db259b0063d26f9af684e7246d336250e289514a4e900eab1337ee9981a866b
-
SHA512
bf0df083a63711cfddb999548afa1729e0fa4a637f1d35fe1eb282c46eed9fee55ff740e593c9893f241ad28975f5b032f8fbd4a72a5d9000115c135ff0a8719
Behavioral task
behavioral1
Sample
1db259b0063d26f9af684e7246d336250e289514a4e900eab1337ee9981a866b.xls
Resource
win10-en-20211208
Behavioral task
behavioral2
Sample
1db259b0063d26f9af684e7246d336250e289514a4e900eab1337ee9981a866b.xls
Resource
win10-en-20211208
Malware Config
Extracted
http://gaidov.bg/wp-includes/Ug/
http://studiokrishnaproduction.com/wp-includes/3mJ/
http://goodmarketinggroup.com/live_site/Y9cEk9QNlDUeg/
Extracted
http://gaidov.bg/wp-includes/Ug/
http://studiokrishnaproduction.com/wp-includes/3mJ/
Targets
-
-
Target
1db259b0063d26f9af684e7246d336250e289514a4e900eab1337ee9981a866b
-
Size
113KB
-
MD5
1db77f0d16e44a513d941c17e895dd02
-
SHA1
a8451288d8309179bb580d9d6949ee23f7a24eaf
-
SHA256
1db259b0063d26f9af684e7246d336250e289514a4e900eab1337ee9981a866b
-
SHA512
bf0df083a63711cfddb999548afa1729e0fa4a637f1d35fe1eb282c46eed9fee55ff740e593c9893f241ad28975f5b032f8fbd4a72a5d9000115c135ff0a8719
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Drops file in System32 directory
-