General
Target: SecuriteInfo.com.Exploit.Siggen3.17149.24514.10320
Size: 38KB
Sample: 220816-jldlhsebgq
MD5: afa76d3ab56a161493ecc311224d06ff
SHA1: b0e04d456edc5234a34f48521338fc3b6130ad2f
SHA256: 4fade6fb7db66d7b5fd5b92289e105ac4dc656d18164a912a624e9809dbfaae6
SHA512: 1bc31253503b00d34e1cfb4311683477454d1488e7bcdf6a3f1a640ae36be552f0ceb4d97cd45f44587a9fee588740d9541ab9919730b55650a379377a2396ac
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Exploit.Siggen3.17149.24514.xls
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Exploit.Siggen3.17149.24514.xls
Resource: win10v2004-20220812-en
Malware Config
Extracted
http://facextrade.com.br/wp-includes/certificates/4.txt
Targets
Target: SecuriteInfo.com.Exploit.Siggen3.17149.24514.10320
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request