General
-
Target
fa8506376e363d8dfa767e7e4da6b56b
-
Size
1.7MB
-
Sample
220118-3t17bseac8
-
MD5
fa8506376e363d8dfa767e7e4da6b56b
-
SHA1
c2d9101667a55f430c0513cbf748be8723b9e245
-
SHA256
09f0d56342e53b1af01eceb399c3f0bde5e61ff654d9117a57868466750e2e93
-
SHA512
1074927abee15cfc9a51ab9cc160a8c339a7a2989399d5543ed2d00daa03b544b0d92d02eb35c8fad3ed037ae00e125619d587cfd3506322c337c56b21c15865
Static task
static1
Behavioral task
behavioral1
Sample
fa8506376e363d8dfa767e7e4da6b56b.xll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
fa8506376e363d8dfa767e7e4da6b56b.xll
Resource
win10v2004-en-20220113
Malware Config
Extracted
Targets
Target
fa8506376e363d8dfa767e7e4da6b56b
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Bazar/Team9 Loader payload
-
Blocklisted process makes network request
-
Loads dropped DLL
-