General
-
Target
80060b128b6d4813f184d33b53972dea
-
Size
1.7MB
-
Sample
220120-jptrxaggfm
-
MD5
80060b128b6d4813f184d33b53972dea
-
SHA1
f3bd01cd5ac96d660ec90ad1b81c5d6923978909
-
SHA256
4db56cc519b8fe92f608a30bf32477b62c1f154de183e7f075bb4cf68e918a83
-
SHA512
2dddf97895d239cfb0fa2fd03e2101204ed6d58ecf86f1cc02c4d5ee7fd9d36c62f719cca02001ac75b0a4a63f303acb8e2735261fdeac2976949d23c53e137a
Static task
static1
Behavioral task
behavioral1
Sample
80060b128b6d4813f184d33b53972dea.xll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
80060b128b6d4813f184d33b53972dea.xll
Resource
win10v2004-en-20220113
Malware Config
Extracted
Targets
-
-
Target
80060b128b6d4813f184d33b53972dea
-
Size
1.7MB
-
MD5
80060b128b6d4813f184d33b53972dea
-
SHA1
f3bd01cd5ac96d660ec90ad1b81c5d6923978909
-
SHA256
4db56cc519b8fe92f608a30bf32477b62c1f154de183e7f075bb4cf68e918a83
-
SHA512
2dddf97895d239cfb0fa2fd03e2101204ed6d58ecf86f1cc02c4d5ee7fd9d36c62f719cca02001ac75b0a4a63f303acb8e2735261fdeac2976949d23c53e137a
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Bazar/Team9 Loader payload
-
Blocklisted process makes network request
-
Loads dropped DLL
-