General
-
Target
7912ecf58bf36144f792f5fb357c4194229b1e3728d9852c4376fa297ddaad5f
-
Size
1.7MB
-
Sample
220120-gebggagbbl
-
MD5
ac96920684c5c701f1c69152019d50ac
-
SHA1
faaceebc1bc32ff76a338cadf0df9988ee7d326f
-
SHA256
7912ecf58bf36144f792f5fb357c4194229b1e3728d9852c4376fa297ddaad5f
-
SHA512
a8951b3a12ad11d2aa37d0441eacdacfb0045a89c4c93eada0e0dd7b21e464d7a16be7f627218186d3e7a0ddb3357bf8267e0dc528163f05bc7eba514d05fb2f
Static task
static1
Behavioral task
behavioral1
Sample
7912ecf58bf36144f792f5fb357c4194229b1e3728d9852c4376fa297ddaad5f.xll
Resource
win10-en-20211208
Malware Config
Targets
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Bazar/Team9 Loader payload
-
Blocklisted process makes network request
-
Loads dropped DLL
-