General
-
Target
fe9c9583ab4436654eca500f40a6abef2fb268a7b6ac5cefec4684d0affd8123
-
Size
123KB
-
Sample
220520-2y3qaagcc6
-
MD5
641f2ef2ba74127c59ea57940b048472
-
SHA1
e978b4a6d78adc9fbc9b55b2ade60ff3aa781573
-
SHA256
fe9c9583ab4436654eca500f40a6abef2fb268a7b6ac5cefec4684d0affd8123
-
SHA512
dd14ca47752326114cdc75ee0d0685481f94a9efd08015d01895d8d237d18e5e5c393bed92d45e9c31ee48257069360eea2e1a4081e8a07e30498ac7817a9016
Static task
static1
Behavioral task
behavioral1
Sample
fe9c9583ab4436654eca500f40a6abef2fb268a7b6ac5cefec4684d0affd8123.doc
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
fe9c9583ab4436654eca500f40a6abef2fb268a7b6ac5cefec4684d0affd8123.doc
Resource
win10v2004-20220414-en
Malware Config
Extracted
https://fastassignmenthelp.com/wp-admin/c68595/
https://www.findsrau.com/wp-admin/erejyr342/
https://cuasotinhoc.net/wp-content/my714a9/
https://www.asfmarkets.com/gfkuuqn/wej905a73/
http://chocodaps.com/wp-content/y9mc70/
Targets
-
-
Target
fe9c9583ab4436654eca500f40a6abef2fb268a7b6ac5cefec4684d0affd8123
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-