General
-
Target
2022-5-21-553415daec66312a733986f2df4f7ff8.bin
-
Size
68KB
-
Sample
220520-18jjqaeha6
-
MD5
553415daec66312a733986f2df4f7ff8
-
SHA1
e27493f88e6262901d2ad20ab4e751c6230d810a
-
SHA256
207b14f58a6732ce4fd7cc637f113a37ba49b965cba0e780672ce850a5887b01
-
SHA512
52f3887f7f1d79baa6da77f02518bcda9176cc40df67af93f5d8ba784b7ed5c2e96ea25e897040b7ad0c62e02f1b6bb7d64e978ae578ea1660a9c8f72f31b784
Behavioral task
behavioral1
Sample
2022-5-21-553415daec66312a733986f2df4f7ff8.xls
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2022-5-21-553415daec66312a733986f2df4f7ff8.xls
Resource
win10v2004-20220414-en
Malware Config
Extracted
https://www.berekethaber.com/hatax/fovLaro/
https://bosny.com/aspnet_client/ErI5F74cwiiOywe/
http://www.cesasin.com.ar/administrator/HC46kHDUSYN305GglCP/
https://bencevendeghaz.hu/wp-includes/tXQBsglNOIsunk/
Targets
-
-
Target
2022-5-21-553415daec66312a733986f2df4f7ff8.bin
-
Size
68KB
-
MD5
553415daec66312a733986f2df4f7ff8
-
SHA1
e27493f88e6262901d2ad20ab4e751c6230d810a
-
SHA256
207b14f58a6732ce4fd7cc637f113a37ba49b965cba0e780672ce850a5887b01
-
SHA512
52f3887f7f1d79baa6da77f02518bcda9176cc40df67af93f5d8ba784b7ed5c2e96ea25e897040b7ad0c62e02f1b6bb7d64e978ae578ea1660a9c8f72f31b784
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-