General
Target
95486e2d7bdf753ab5dd9caeb51cbb91a06f11521db0fea52573e902a03da112
Size
165KB
Sample
220521-ab2qxsaaa4
MD5
5988dff21b137091544a4ad9ae7def47
SHA1
35523d127211d1b0d6d5c202e866ee1b3f62ce04
SHA256
95486e2d7bdf753ab5dd9caeb51cbb91a06f11521db0fea52573e902a03da112
SHA512
522fc86635dc60c34ebc5438f011cda0abca1d8f64f93355919af0b65406031290e2c8f073bfb9b214c698798062821b52c3e6f5470f4e50c2c0e33b61f6a056
Static task
static1
Behavioral task
behavioral1
Sample
95486e2d7bdf753ab5dd9caeb51cbb91a06f11521db0fea52573e902a03da112.doc
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
95486e2d7bdf753ab5dd9caeb51cbb91a06f11521db0fea52573e902a03da112.doc
Resource
win10v2004-20220414-en
Malware Config
Extracted
http://kellydarke.com/wp-content/Sd/
http://aram-designs.com/en/Z53/
http://basinhayati.net/wp-admin/Q0aw/
http://7cut.extroliving.com/wp-content/3LYGE/
http://allcosmeticsource.com/allcosmeticsource/OT9bg/
Targets
Target
95486e2d7bdf753ab5dd9caeb51cbb91a06f11521db0fea52573e902a03da112
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory