General
-
Target
0516f06a8736615d1c852d9f0cd64b258fe5b3f11ac059967eb7d729b54c2c7b
-
Size
183KB
-
Sample
220520-1j3ajaeaa6
-
MD5
201cb65aee3f312945243434c17fb0f2
-
SHA1
676fd6065e4b2bdbf315e9d9cd2dad1b66777f4a
-
SHA256
0516f06a8736615d1c852d9f0cd64b258fe5b3f11ac059967eb7d729b54c2c7b
-
SHA512
5d90d8ab3d4339c8ebcdb80b6748f36ef59e5a20492c7b4198efa653c533662b2e6c0d78c3ac266bf471066328115a1b083927c711a3a13e1357b51191239b95
Static task
static1
Behavioral task
behavioral1
Sample
0516f06a8736615d1c852d9f0cd64b258fe5b3f11ac059967eb7d729b54c2c7b.doc
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
0516f06a8736615d1c852d9f0cd64b258fe5b3f11ac059967eb7d729b54c2c7b.doc
Resource
win10v2004-20220414-en
Malware Config
Extracted
http://ingenla.com/wp-content/XA_fj/
http://ises.com.pl/wp-admin/n2_df/
http://hicast.tn/wp-includes/8_X/
https://jcci-card.vn/wp-includes/O_R8/
http://appcost.win/noerk24jt/m_c/
Targets
-
-
Target
0516f06a8736615d1c852d9f0cd64b258fe5b3f11ac059967eb7d729b54c2c7b
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-