General
Target
7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d
Size
210KB
Sample
220201-gckmcsaba6
MD5
7a0e78ce8cccb72e9c39910df15490ba
SHA1
5c26eb1856e7c814370476a900148da49d79a9e1
SHA256
7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d
SHA512
114baa574bb3302007ba407ad78e448b7ca7d3ca557c0cafd532919134988b23f81bbc94b4d308990637d65242f4a8abfb9b333f23e389f8f73dcd45144c1940
Static task
static1
Behavioral task
behavioral1
Sample
7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d.doc
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d.doc
Resource
win10v2004-en-20220112
Malware Config
Extracted
http://giftmaster.ml/PSf4hk96K/
http://mapup.net/w2u4kwT/
http://www.survivallives.com/WdnX2iVg/
http://modivi.hu/nxmoQ9pDQm/
http://eroscenter.co.il/v5nFBp/
Targets
Target
7694066b23ea826ba0367777fe1f3e1b479a7fe3bac84adab2ae30f171ac1d5d
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Sets service image path in registry