General
Target: 163eae697eb7cadb346c9c9b7f430a9a1b5859e9354415969a54565149811ae8
Size: 129KB
Sample: 220724-zghyfafgdq
MD5: 4988f095e0986dd8876fc88a8ed9c223
SHA1: ed1836eebfd4e0c870ca33c29e8d5b261300a7f0
SHA256: 163eae697eb7cadb346c9c9b7f430a9a1b5859e9354415969a54565149811ae8
SHA512: 000c084b82f8fc94cd4fb8c9fba383cfd97ab19b51ff833989cc302ad5b467fe64bca7eb5ad2c516e88060da92d1280002724d73d0bab2731c2fb92157bdaa97
Static task: static1
Behavioral task: behavioral1
Sample: 163eae697eb7cadb346c9c9b7f430a9a1b5859e9354415969a54565149811ae8.doc
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: 163eae697eb7cadb346c9c9b7f430a9a1b5859e9354415969a54565149811ae8.doc
Resource: win10v2004-20220721-en
Malware Config
Extracted
http://tan-shuai.com/wp-content/m6d71gnvv_5wuf035-3782344/
http://rashhgames4u.000webhostapp.com/wp-admin/f09dmz1i98_gkhufhnf3-7958618171/
http://bor-demir.com/cgi-bin/hlptlehdyU/
http://klaryus.com.br/wp-includes/Requests/Zqeztqfe/
https://theluxestudio.co.uk/wp-includes/pTxzfSBe/
Targets
Score: 10/10
Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory