General
Target: f412a78d93f03f39f6a58c865c75d6481a3ecfb83a3fdbf1ed32c0c546a773f5
Size: 143KB
Sample: 220625-k1eykagch3
MD5: 8ec323edb643a73a6fa43fccacf6deca
SHA1: 9cb74cfb6cb5991866159c1ccf5e5606c24ea051
SHA256: f412a78d93f03f39f6a58c865c75d6481a3ecfb83a3fdbf1ed32c0c546a773f5
SHA512: 57917137808d4ea22313b72470fbade7d10e4ed5c4588b01384eb5bd964417aee1913a9da745466aba3ae86d6afb8b0b75f9e2c79dede4eda74a930fbbcfc7cc
Static task: static1
Behavioral task: behavioral1
Sample: f412a78d93f03f39f6a58c865c75d6481a3ecfb83a3fdbf1ed32c0c546a773f5.doc
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: f412a78d93f03f39f6a58c865c75d6481a3ecfb83a3fdbf1ed32c0c546a773f5.doc
Resource: win10v2004-20220414-en
Malware Config
Extracted
http://splussystems.com/wp-admin/eUJLagjD/
http://www.portduo.com/wp-content/KdWRhFjK/
http://telenvivo.com/hq1g/vp33l1h56_o4b8mev9qw-7034/
http://luxuryindiancatering.co.uk/wp-includes/ukoe_7v10mk-02/
http://prizma.ch/wp-content/fFVmwFqTq/
Targets
Target
f412a78d93f03f39f6a58c865c75d6481a3ecfb83a3fdbf1ed32c0c546a773f5
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory