General
-
Target
1aca62502efabd340036a0f74f46e03dab633a0d12497b5456590d329fffba6a
-
Size
40KB
-
Sample
220520-2m2c3safhj
-
MD5
9b7212f54d8460d8144f65d1f644bb13
-
SHA1
3c2eaba89eab872ee549f22f08fdb83e0a34ad99
-
SHA256
1aca62502efabd340036a0f74f46e03dab633a0d12497b5456590d329fffba6a
-
SHA512
a5db7be20fdde31a2f329ce27c60036516cf7e13418bb30a4c66a872d12061b74438dbad25ce461e0424a0eb412035e8001a61624f40d46c29ac69ec4cd2d595
Static task
static1
Behavioral task
behavioral1
Sample
1aca62502efabd340036a0f74f46e03dab633a0d12497b5456590d329fffba6a.doc
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1aca62502efabd340036a0f74f46e03dab633a0d12497b5456590d329fffba6a.doc
Resource
win10v2004-20220414-en
Malware Config
Extracted
https://raw.githubusercontent.com/scriptsample/mal/master/cs-test.ps1
Targets
-
-
Target
1aca62502efabd340036a0f74f46e03dab633a0d12497b5456590d329fffba6a
-
Size
40KB
-
MD5
9b7212f54d8460d8144f65d1f644bb13
-
SHA1
3c2eaba89eab872ee549f22f08fdb83e0a34ad99
-
SHA256
1aca62502efabd340036a0f74f46e03dab633a0d12497b5456590d329fffba6a
-
SHA512
a5db7be20fdde31a2f329ce27c60036516cf7e13418bb30a4c66a872d12061b74438dbad25ce461e0424a0eb412035e8001a61624f40d46c29ac69ec4cd2d595
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Legitimate hosting services abused for malware hosting/C2
-