General
Target: 9f99abf0edf0c585155192ef48ca7c3eaa1a479f594ce2ca6406c92f02e1e7fe
Size: 1.7MB
Sample: 220119-wns57scbf4
MD5: 255f13e3ba9b087779d54f55d7b32dfb
SHA1: 64cd4e8796e8f0f500376f682e831d88118409be
SHA256: 9f99abf0edf0c585155192ef48ca7c3eaa1a479f594ce2ca6406c92f02e1e7fe
SHA512: 1dedd8b2f535fa7968a477b796c3c81cf80454ce83e147c926f28900c86f7b3b26f039fc89a4ee8773125e8222967054cfd8640960166c940ac8b1cd899eb267
Static task: static1
Behavioral task: behavioral1
Sample: 9f99abf0edf0c585155192ef48ca7c3eaa1a479f594ce2ca6406c92f02e1e7fe.xll
Resource: win10-en-20211208
Malware Config
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Bazar/Team9 Loader payload
Blocklisted process makes network request
Loads dropped DLL