General
Target
5728eee65538ea548f875a51d731267536d0f7234add1d2d4eb1c2282220b28b
Size
136KB
Sample
220201-hclebsabfn
MD5
1c3e971b11c75df46d5e0e28050eb876
SHA1
7b38f2b3317139733aa4a8f2e4eef86e9c1f4de7
SHA256
5728eee65538ea548f875a51d731267536d0f7234add1d2d4eb1c2282220b28b
SHA512
067f76924e47bcabd339a57a6c7345274a3275db79dfdd4e5761c15213c11a317f96474921681eec36d6113c44b31f00c74aae35d58393397315f8743aeb7f7c
Static task
static1
Behavioral task
behavioral1
Sample
5728eee65538ea548f875a51d731267536d0f7234add1d2d4eb1c2282220b28b.doc
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
5728eee65538ea548f875a51d731267536d0f7234add1d2d4eb1c2282220b28b.doc
Resource
win10v2004-en-20220113
Malware Config
Extracted
https://everythingtobetrendy.com/wp-content/mqbFvBGlJW/
http://sankaraca.com/wp-admin/aVBdZeOGj/
http://www.palazzobentivoglio.org/softaculous/ZLXVNXrCC/
http://aiostory.com/wp-admin/gxNAbyQwxr/
https://antivirusassists.com/wp-admin/nKsXsNLff/
Targets
Target
5728eee65538ea548f875a51d731267536d0f7234add1d2d4eb1c2282220b28b
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory