General
Target: aecsksrk
Size: 177KB
Sample: 220522-fyvtsafec2
MD5: db1b0c04263c42047d6b74b1e81f3b6a
SHA1: d57b86969daaa860110f38ea40cf989d8c0773ac
SHA256: 7552c96fe26d72990ed41266e7d9f152f0be0ae10f6e335c50f0cf9ad81b954c
SHA512: a85037f12b91166bc6d9a4875e823116715f9c809a4edb6f62acf105e36dccc1645ffacb79800f7f8c0a82b04c57e1649915e52c6e1af49fbedbc4b37065eed6
Static task: static1
Behavioral task: behavioral1
Sample: aecsksrk.doc
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: aecsksrk.doc
Resource: win10v2004-20220414-en
Malware Config
Extracted
http://laurenebohn.com/briefed/2khzb_xw_qk86xalnhw/
http://xristiana.com/cgi-bin/y_j_ue/
http://berbercommunicatie.nl/cgi-bin/tge_1h4_hvgq/
http://laarberg.com/cgi-bin/6s49_wr27h_24k0nel/
http://atelierbrasilia.com/site/xt_8d_o1mo/
Targets
Target: aecsksrk
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory