General
-
Target
47f3f87bc57341c15aaf9fc6736ed513185e8347dcd6bed30b3248a5bbec92ee
-
Size
197KB
-
Sample
220520-svttjahdc5
-
MD5
a860a6111edd723a6d8019aabff264be
-
SHA1
0d4d323a7e118dcbcc6d2ccebb1da7de2a411672
-
SHA256
47f3f87bc57341c15aaf9fc6736ed513185e8347dcd6bed30b3248a5bbec92ee
-
SHA512
951c2149cde55216631becef177b03aaee4f6fcf4f242a8428936f6460b49db6a3e47e0d2f40137594bd876b1d028d856c786b3ae72128fa0a4a409eb33784c8
Static task
static1
Behavioral task
behavioral1
Sample
47f3f87bc57341c15aaf9fc6736ed513185e8347dcd6bed30b3248a5bbec92ee.doc
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
47f3f87bc57341c15aaf9fc6736ed513185e8347dcd6bed30b3248a5bbec92ee.doc
Resource
win10v2004-20220414-en
Malware Config
Extracted
https://haicunoi.ro/cgi-bin/2TX/
https://crosscountrysupply.com/wp-includes/OpF/
https://akuntansi.widyakartika.ac.id/wp-content/uploads/tEEe/
https://giangocngan.com/css/vK/
http://ebe.dk/_borders/cZJi/
Targets
-
-
Target
47f3f87bc57341c15aaf9fc6736ed513185e8347dcd6bed30b3248a5bbec92ee
-
Size
197KB
-
MD5
a860a6111edd723a6d8019aabff264be
-
SHA1
0d4d323a7e118dcbcc6d2ccebb1da7de2a411672
-
SHA256
47f3f87bc57341c15aaf9fc6736ed513185e8347dcd6bed30b3248a5bbec92ee
-
SHA512
951c2149cde55216631becef177b03aaee4f6fcf4f242a8428936f6460b49db6a3e47e0d2f40137594bd876b1d028d856c786b3ae72128fa0a4a409eb33784c8
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-