General
-
Target
0037e6079060778b28b892eb8dcca7e28ca36f26a4f36d8dc53838d6d722b318
-
Size
124KB
-
Sample
220516-zrjmqabhen
-
MD5
b6e13c6a1d437ed02509be01dd334983
-
SHA1
a12ee91c820278590d58f0f846067992c1aa1053
-
SHA256
0037e6079060778b28b892eb8dcca7e28ca36f26a4f36d8dc53838d6d722b318
-
SHA512
8bfc1ffaaa45a8d7f6add5c51e7d1e8e62c95b71b7f76905e3a497f9957227991cd7eef477bc073483d375a3dadaef46d2d7e7376ed170a636fcd194b5836cba
Static task
static1
Behavioral task
behavioral1
Sample
0037e6079060778b28b892eb8dcca7e28ca36f26a4f36d8dc53838d6d722b318.doc
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
0037e6079060778b28b892eb8dcca7e28ca36f26a4f36d8dc53838d6d722b318.doc
Resource
win10v2004-20220414-en
Malware Config
Extracted
http://www.novasystemsindustria.eu/cJcton
http://velvet.com.br/2T6r4fYa
http://www.batikentemlak.org/dEXSJO5y
http://tongkhosoncongnghiep.com/DiJuOX
http://www.fibraoptica.ro/8fG
Targets
-
-
Target
0037e6079060778b28b892eb8dcca7e28ca36f26a4f36d8dc53838d6d722b318
-
Size
124KB
-
MD5
b6e13c6a1d437ed02509be01dd334983
-
SHA1
a12ee91c820278590d58f0f846067992c1aa1053
-
SHA256
0037e6079060778b28b892eb8dcca7e28ca36f26a4f36d8dc53838d6d722b318
-
SHA512
8bfc1ffaaa45a8d7f6add5c51e7d1e8e62c95b71b7f76905e3a497f9957227991cd7eef477bc073483d375a3dadaef46d2d7e7376ed170a636fcd194b5836cba
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-