General
-
Target
ab37d198e0a1aa5ea37a6a4ebfccf8f6f175f3e97f77261b9a4813a4c7e2c1c4
-
Size
141KB
-
Sample
220521-ayn4cabac2
-
MD5
d2cc5525e1d27ab1814bf89562efd8d9
-
SHA1
278d0e253423ba2e83f1b3851465251c209a8580
-
SHA256
ab37d198e0a1aa5ea37a6a4ebfccf8f6f175f3e97f77261b9a4813a4c7e2c1c4
-
SHA512
59725072fd48b6853e938ad289b8fe893fa48f61a0a0f5e3c377ba85f63514b55577b78e6bf7a3bd32b8d46a5f400805b64dd51965ed431f76a2d19a46a01191
Static task
static1
Behavioral task
behavioral1
Sample
ab37d198e0a1aa5ea37a6a4ebfccf8f6f175f3e97f77261b9a4813a4c7e2c1c4.doc
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
ab37d198e0a1aa5ea37a6a4ebfccf8f6f175f3e97f77261b9a4813a4c7e2c1c4.doc
Resource
win10v2004-20220414-en
Malware Config
Extracted
http://www.niteshagrico.com/z7ISltpB
http://www.tenmiengiarenhat.com/bIfcRi8Kc
http://www.hopeintlschool.org/ebIV1do
http://www.dnenes.com.mx/Wmv9Lwru
http://kynangtuhoc.com/h6pTDOH
Targets
-
-
Target
ab37d198e0a1aa5ea37a6a4ebfccf8f6f175f3e97f77261b9a4813a4c7e2c1c4
-
Size
141KB
-
MD5
d2cc5525e1d27ab1814bf89562efd8d9
-
SHA1
278d0e253423ba2e83f1b3851465251c209a8580
-
SHA256
ab37d198e0a1aa5ea37a6a4ebfccf8f6f175f3e97f77261b9a4813a4c7e2c1c4
-
SHA512
59725072fd48b6853e938ad289b8fe893fa48f61a0a0f5e3c377ba85f63514b55577b78e6bf7a3bd32b8d46a5f400805b64dd51965ed431f76a2d19a46a01191
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-