General
Target: 2c2070acd612d96b786e7f8e5ace1fa0965649d4da600936b9f99bf79e331a72
Size: 1.7MB
Sample: 220118-wkm5sacch7
MD5: 006a3070d15f0cb6ae1ea39b510983bb
SHA1: bfe6656b66937c29eca1870f23d0077219d1e5dc
SHA256: 2c2070acd612d96b786e7f8e5ace1fa0965649d4da600936b9f99bf79e331a72
SHA512: ebf623feaf1e1f153790e2510887b38d777ff2d14f1dc71f86764cea8b940a6e1deeec390b861aa00252cf5264beb681039fc32eeaebea6b4820e99982a457a5
Static task: static1
Behavioral task: behavioral1
Sample: 2c2070acd612d96b786e7f8e5ace1fa0965649d4da600936b9f99bf79e331a72.xll
Resource: win10-en-20211208
Malware Config
Targets
Target: 2c2070acd612d96b786e7f8e5ace1fa0965649d4da600936b9f99bf79e331a72
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Bazar/Team9 Loader payload

Blocklisted process makes network request

Loads dropped DLL