General
Target
a66b5982e41c8e78c0a807d5c1e7ecf9d554b941fad99bb856564e4ddbb5d295
Size
149KB
Sample
220724-za9sksfdb8
MD5
35b1085d0874798babcc94a2b350ad7d
SHA1
0d7ff87a0e1067a0dea89ee3b4969469c87d03de
SHA256
a66b5982e41c8e78c0a807d5c1e7ecf9d554b941fad99bb856564e4ddbb5d295
SHA512
7983baa8d37189bd82eab5947229bf82d1460b8fe9d4e77e4cbeb894e8b584e94bfa9c17102f755cecdd06c5013ebd1eb4531ed5c4e218fd1e20ceccea09641b
Static task
static1
Behavioral task
behavioral1
Sample
a66b5982e41c8e78c0a807d5c1e7ecf9d554b941fad99bb856564e4ddbb5d295.doc
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
a66b5982e41c8e78c0a807d5c1e7ecf9d554b941fad99bb856564e4ddbb5d295.doc
Resource
win10v2004-20220722-en
Malware Config
Extracted
https://www.wholesale-towels.com/caapa/2skq2c8brl_ujstqor-9423/
https://sehatmadu.com/wp-admin/sMsnqVEHO/
http://wayuansudamai.com/wp-includes/tUhChhCpcN/
http://vnilla.com/cgi-bin/xdmlv_90ij5qu1-86492/
http://vcontenidos.com/wp-admin/nzxnfyy9_x7u5tyux4w-71288/
Targets
Target
a66b5982e41c8e78c0a807d5c1e7ecf9d554b941fad99bb856564e4ddbb5d295
Score 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory