General
Target: 2ec4faf19af2e4d152f00846a00f018510b88c1985290284692f9320d446ec42
Size: 98KB
Sample: 220520-1wbncaech4
MD5: 2e9a079d90c8584745907108b917f4de
SHA1: 21f623cfed2ae464153df22f4c48440200a931e8
SHA256: 2ec4faf19af2e4d152f00846a00f018510b88c1985290284692f9320d446ec42
SHA512: 31211fe535ad34738f9003b1062f59105196e31c7c28bad288a100e0235a80615fbd73aebc95555a7fb979e27406ae1ca4a97dd0cffc24841358021c1015bf1b
Static task: static1
Behavioral task: behavioral1
Sample: sample.doc
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: sample.doc
Resource: win10v2004-20220414-en
Malware Config
Extracted
Targets
Target: sample
Size: 168KB
MD5: 9c0b184f57f8612bdf5f45ecc5399e94
SHA1: 77533c848213fdb7cf066c29879b2e17a0db9357
SHA256: b53199af61de887966a39331aec0a4572deb4044b309a735a63ed90911032cf1
SHA512: 7b8168e3713afbcddb9c82c709f593b692928df16909db00beaf67b101bdb7764c45261629afb79c67c1a4aeba6163f1738d162fa66fa226bf4c271f0c162e0d
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory