General
-
Target
4c26657af2c3d125e367f56a36faf49573f77c6a9af55143175ad81263569504
-
Size
83KB
-
Sample
220114-aj15csdda9
-
MD5
7af5d5d483a8030e2f6a8bb74b7d0f44
-
SHA1
75e2644fa41cb965a182fde157f78aee69a74a01
-
SHA256
4c26657af2c3d125e367f56a36faf49573f77c6a9af55143175ad81263569504
-
SHA512
f006236102582f2d47de79789aeb65dcde8dd363dd9c3f841a51740fe786031caf59ae06c63ea337d50e472c2145f8757156afbd60608a05f43d350cb39eec04
Behavioral task
behavioral1
Sample
4c26657af2c3d125e367f56a36faf49573f77c6a9af55143175ad81263569504.xlsm
Resource
win10-en-20211208
Behavioral task
behavioral2
Sample
4c26657af2c3d125e367f56a36faf49573f77c6a9af55143175ad81263569504.xlsm
Resource
win10-en-20211208
Malware Config
Extracted
http://adi.iswks.com/assets/hO1v71pqfNN/
http://kopbhawan.com/mdphht/fwqEBVQlJXHayt/
http://towardsun.net/admin/dcg3jSLkPuYsQ5xB/
Extracted
http://adi.iswks.com/assets/hO1v71pqfNN/
Targets
-
-
Target
4c26657af2c3d125e367f56a36faf49573f77c6a9af55143175ad81263569504
-
Size
83KB
-
MD5
7af5d5d483a8030e2f6a8bb74b7d0f44
-
SHA1
75e2644fa41cb965a182fde157f78aee69a74a01
-
SHA256
4c26657af2c3d125e367f56a36faf49573f77c6a9af55143175ad81263569504
-
SHA512
f006236102582f2d47de79789aeb65dcde8dd363dd9c3f841a51740fe786031caf59ae06c63ea337d50e472c2145f8757156afbd60608a05f43d350cb39eec04
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Drops file in System32 directory
-