General
Target: SecuriteInfo.com.Exploit.Siggen3.17232.16558.13191
Size: 33KB
Sample: 220816-jldlhsebgp
MD5: 1d5e697a9549b96a548a76b59eb4e64c
SHA1: 413e5fa05e80aa4d7cc13ffe22830f4afc9c0d2f
SHA256: 8fe23c29ba0570ad4b2fa152702380863429f97280d3ce26f4194e2593db45c2
SHA512: 28a71baaa8462064187172f85da123771a44fd70c33ba23e7bb42b66032eaa7edebc3a93952336d922387cd0bd553e34c847618ac7d3c942500ea53663bc63a0
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Exploit.Siggen3.17232.16558.xls
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Exploit.Siggen3.17232.16558.xls
Resource: win10v2004-20220812-en
Malware Config
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request