General
-
Target
0766c61d5d861dd6db71ee8f535e5f405f9d7ae80dfc5c83938e000d2b4ba58a
-
Size
83KB
-
Sample
220114-hkjwgafaem
-
MD5
5610c5825e0a6dfdeff609a7892a5248
-
SHA1
3d51a54040324acc824c1b9beb8cb042e923fb76
-
SHA256
0766c61d5d861dd6db71ee8f535e5f405f9d7ae80dfc5c83938e000d2b4ba58a
-
SHA512
81f025d1171ec68e1b67dd57778d8475382a6c70c9815931f9a3e4c24f5dd50d98ff096598669de5c0bb191ab22a7e0e8e6b88ff73a068ef6e12cbb9548d38f0
Behavioral task
behavioral1
Sample
0766c61d5d861dd6db71ee8f535e5f405f9d7ae80dfc5c83938e000d2b4ba58a.xlsm
Resource
win10-en-20211208
Behavioral task
behavioral2
Sample
0766c61d5d861dd6db71ee8f535e5f405f9d7ae80dfc5c83938e000d2b4ba58a.xlsm
Resource
win10-en-20211208
Malware Config
Extracted
http://adi.iswks.com/assets/hO1v71pqfNN/
http://kopbhawan.com/mdphht/fwqEBVQlJXHayt/
http://towardsun.net/admin/dcg3jSLkPuYsQ5xB/
Extracted
http://adi.iswks.com/assets/hO1v71pqfNN/
Targets
-
Target
0766c61d5d861dd6db71ee8f535e5f405f9d7ae80dfc5c83938e000d2b4ba58a
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Drops file in System32 directory
-