General
Target: 854781967e533657f40f135d875efcd77472b02c5e6c61d8e2c6040ae900969c
Size: 202KB
Sample: 220521-amwztaaeb5
MD5: b74a9cd66c7e2f98d70acdfcdd2446f3
SHA1: d71a8d331daddd3ed6a133bcc31fa44639952838
SHA256: 854781967e533657f40f135d875efcd77472b02c5e6c61d8e2c6040ae900969c
SHA512: 3aa00644e7af98c54d9434496ce299890a759ac2a94bee7fdbf48d5a09837e4a4b275d7299af0ba22ebb3c50e111c734c39270e62365e4be2c38bd3bb0156c0e
Static task: static1
Behavioral task: behavioral1
Sample: 854781967e533657f40f135d875efcd77472b02c5e6c61d8e2c6040ae900969c.doc
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 854781967e533657f40f135d875efcd77472b02c5e6c61d8e2c6040ae900969c.doc
Resource: win10v2004-20220414-en
Malware Config
Extracted
http://campchof.org/njy3/BO6P9K3AwX/
https://mydreft.com/speed/pn1up/
https://papelarpoa.com.br/coupons/ejli/
https://funny-case.pl/wp-admin/5f3f/
https://test.espace-yoga.fr/jodp17ksjfs/mm2/
Targets
Target: 854781967e533657f40f135d875efcd77472b02c5e6c61d8e2c6040ae900969c
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory