General
-
Target
8bec2125ada9f365ce9979eb8334ab12136f40458a47969f00c5d852f48c03a6
-
Size
83KB
-
Sample
220115-s9b72afahn
-
MD5
6ad45f1e5b688b5b8cdc0d97f32d1fba
-
SHA1
bf1cdd7cfd2940f24489bafd3945713506772e30
-
SHA256
8bec2125ada9f365ce9979eb8334ab12136f40458a47969f00c5d852f48c03a6
-
SHA512
1badc13b0b088c786616e1600865674c7a3801c7485de60b5c548f40993cb99542d83107e82c9948fccbfd2a65e0ac0c039cef0779094def500b76b4b4fe7051
Behavioral task
behavioral1
Sample
8bec2125ada9f365ce9979eb8334ab12136f40458a47969f00c5d852f48c03a6.xlsm
Resource
win10-en-20211208
Behavioral task
behavioral2
Sample
8bec2125ada9f365ce9979eb8334ab12136f40458a47969f00c5d852f48c03a6.xlsm
Resource
win10-en-20211208
Malware Config
Extracted
https://zml.laneso.com/packet/AlvJ8OdtSYEeeCQP/
http://ostadsarma.com/wp-admin/JNgASjNC/
http://govtjobresultbd.xyz/sjjz/UIUhOHsLqjOy9/
Extracted
https://zml.laneso.com/packet/AlvJ8OdtSYEeeCQP/
http://ostadsarma.com/wp-admin/JNgASjNC/
Targets
-
-
Target
8bec2125ada9f365ce9979eb8334ab12136f40458a47969f00c5d852f48c03a6
-
Size
83KB
-
MD5
6ad45f1e5b688b5b8cdc0d97f32d1fba
-
SHA1
bf1cdd7cfd2940f24489bafd3945713506772e30
-
SHA256
8bec2125ada9f365ce9979eb8334ab12136f40458a47969f00c5d852f48c03a6
-
SHA512
1badc13b0b088c786616e1600865674c7a3801c7485de60b5c548f40993cb99542d83107e82c9948fccbfd2a65e0ac0c039cef0779094def500b76b4b4fe7051
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Drops file in System32 directory
-