General
-
Target
2361d0e1b933d0146c44874b661d74a11ac6152fc62a3cae8de22c8e0cc38cdb
-
Size
249KB
-
Sample
220520-19nvtsehf5
-
MD5
2065664436cf97b0a80afbd14bc08023
-
SHA1
986b0c843ddb53b5591994f704d8466f4b36f441
-
SHA256
2361d0e1b933d0146c44874b661d74a11ac6152fc62a3cae8de22c8e0cc38cdb
-
SHA512
3c3c37dc80eafb6cae956b54c46d0aaa9e74b55824bc0163210e4511ef9223516afa08f53dd85671c2a45c5fdd419e076362fc175bd2f0e98cd59165e1079148
Static task
static1
Behavioral task
behavioral1
Sample
2361d0e1b933d0146c44874b661d74a11ac6152fc62a3cae8de22c8e0cc38cdb.doc
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2361d0e1b933d0146c44874b661d74a11ac6152fc62a3cae8de22c8e0cc38cdb.doc
Resource
win10v2004-20220414-en
Malware Config
Extracted
http://sauloramos.com.br/PLcbM/4oxcev0320/
http://jurczyk.biz/piotrek/IJilgckESlY/
http://lidiscom.com.br/BKP_TinaPOS/CQSMl/
http://cmswrexham.com/video/N2lzhgh45/
http://lyveinc.com/wp-content/uploads/attachments/XxM/
https://stateinsuranceonline.com/wp-content/yQzAGwyQs/
https://www.teringieestatefarms.com.au/wp-content/Lvqg/
Targets
-
-
Target
2361d0e1b933d0146c44874b661d74a11ac6152fc62a3cae8de22c8e0cc38cdb
-
Size
249KB
-
MD5
2065664436cf97b0a80afbd14bc08023
-
SHA1
986b0c843ddb53b5591994f704d8466f4b36f441
-
SHA256
2361d0e1b933d0146c44874b661d74a11ac6152fc62a3cae8de22c8e0cc38cdb
-
SHA512
3c3c37dc80eafb6cae956b54c46d0aaa9e74b55824bc0163210e4511ef9223516afa08f53dd85671c2a45c5fdd419e076362fc175bd2f0e98cd59165e1079148
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-