General
-
Target
e69742e157bd0b2dc16aec06611d17972f1b733e8caff3f4234057580ac5edde
-
Size
248KB
-
Sample
220201-dpf8xsfgfr
-
MD5
3be6ed83df84dec0842cab36c8a76ddc
-
SHA1
3bb3ddb72addde0f5bce63fd23bc40275bb29500
-
SHA256
e69742e157bd0b2dc16aec06611d17972f1b733e8caff3f4234057580ac5edde
-
SHA512
3e85029ab32a4bfafe5d0c95022bcfcf23129e3ff01c0013c721f51737fe8c1310748bdcc6f0823ee13ac88d743b6638e046a02019bf8888f7e6d1576b4171e9
Static task
static1
Behavioral task
behavioral1
Sample
e69742e157bd0b2dc16aec06611d17972f1b733e8caff3f4234057580ac5edde.doc
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
e69742e157bd0b2dc16aec06611d17972f1b733e8caff3f4234057580ac5edde.doc
Resource
win10v2004-en-20220112
Malware Config
Extracted
http://biederman.net/leslie/lL/
http://nissanbacgiang.com/wp-content/xR3/
http://equidaddegenero.iztacala.unam.mx/wp-admin/XPF/
http://www.zestevents.co/wp-includes/GJAo/
http://stylishlab.webpixabyte.com/thjowrk5e/9UG/
Targets
-
Target
e69742e157bd0b2dc16aec06611d17972f1b733e8caff3f4234057580ac5edde
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Sets service image path in registry
-
Drops file in System32 directory
-