General
-
Target
2022-1-28-3810c5b0b0312d5f97be9ab72b1e5b87.bin
-
Size
47KB
-
Sample
220128-b8w3daegc4
-
MD5
3810c5b0b0312d5f97be9ab72b1e5b87
-
SHA1
ab4339d80772e655a4bab9fe01264672355c15d3
-
SHA256
07e78844f55119ab4d3aa4cf0cc20cbf32b8a82e9cb13215bcf3620502f61551
-
SHA512
99495d7096ee4c557df437d2cab3611065a1c7a4eac56b7655c9ecae9064be56b71b2274d0a058a1ff24dba57633a83c453550e93d60a5efc4885dbdf329d46b
Malware Config
Extracted
http://91.240.118.168/vvv/ppp/fe.html
Extracted
http://91.240.118.168/vvv/ppp/fe.png
Targets
-
-
Target
2022-1-28-3810c5b0b0312d5f97be9ab72b1e5b87.bin
-
Size
47KB
-
MD5
3810c5b0b0312d5f97be9ab72b1e5b87
-
SHA1
ab4339d80772e655a4bab9fe01264672355c15d3
-
SHA256
07e78844f55119ab4d3aa4cf0cc20cbf32b8a82e9cb13215bcf3620502f61551
-
SHA512
99495d7096ee4c557df437d2cab3611065a1c7a4eac56b7655c9ecae9064be56b71b2274d0a058a1ff24dba57633a83c453550e93d60a5efc4885dbdf329d46b
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-