General
Target: 45fe53a320684b36663ffe02061c1df145d4c3ccc3aa855582f19d3e12210ec7
Size: 135KB
Sample: 220521-ar2e4aafh2
MD5: 5d306a8b1060e779dd27b30749c25d73
SHA1: f48489348a2aa9b01ed7aa7c4ea17aa3002c194e
SHA256: 45fe53a320684b36663ffe02061c1df145d4c3ccc3aa855582f19d3e12210ec7
SHA512: 14945a24d04928ec7e89f49ed1afdd71b76b2ca9ebd8b8fb536c3345be06c6c14c32699e95516749a8650c22f274ad2b5b5f6935f729141d1a7784bca0165afb
Static task: static1
Behavioral task: behavioral1
Sample: 45fe53a320684b36663ffe02061c1df145d4c3ccc3aa855582f19d3e12210ec7.doc
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 45fe53a320684b36663ffe02061c1df145d4c3ccc3aa855582f19d3e12210ec7.doc
Resource: win10v2004-20220414-en
Malware Config
Extracted
http://www.srskgroup.com/9d74kPY
http://www.stovefree.com/Zg
http://www.rohanpurit.com/gfnpS
http://www.misyaland.com/q
http://teambored.co.uk/Ps
Targets
Target
45fe53a320684b36663ffe02061c1df145d4c3ccc3aa855582f19d3e12210ec7
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

An obfuscated cmd.exe command-line is typically used to evade detection.