General
-
Target
1fe942f8fb7656e92f1d24a24cce7fd0bf9564693184fb8883203a4733b51253
-
Size
99KB
-
Sample
220117-m6vmbaaabj
-
MD5
4d0597bff370b6ad371c1c7cb3fc1ac1
-
SHA1
1168604e7f52b3c3ceb7e71eea9c3796881d0c26
-
SHA256
1fe942f8fb7656e92f1d24a24cce7fd0bf9564693184fb8883203a4733b51253
-
SHA512
327fbf2bf248053419e9c7cc0dd9bac149a718f448222b5b81ba45f5f802153755a9b681be957836f560aeab2e3816b6c912015f196900d2311c4ae6e111a6d5
Behavioral task
behavioral1
Sample
1fe942f8fb7656e92f1d24a24cce7fd0bf9564693184fb8883203a4733b51253.xlsm
Resource
win10-en-20211208
Behavioral task
behavioral2
Sample
1fe942f8fb7656e92f1d24a24cce7fd0bf9564693184fb8883203a4733b51253.xlsm
Resource
win10-en-20211208
Malware Config
Extracted
http://auto.lambolero.com/f1nygync/IOENXupeXUt/
http://admin.sattaking-real.com/globals/pPBxU7VQpL4/
https://alignerpliers.com/er1lrd/0f6NDjKJLe8OCjvruY/
Extracted
http://auto.lambolero.com/f1nygync/IOENXupeXUt/
Targets
-
Target
1fe942f8fb7656e92f1d24a24cce7fd0bf9564693184fb8883203a4733b51253
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Drops file in System32 directory
-