General
Target
SecuriteInfo.com.Exploit.Siggen3.17149.10211.21426
Size
38KB
Sample
220816-jldlhshab4
MD5
5081a754e710f34178dee80e5b1f15b4
SHA1
8ce6a3a89c9ede6a40eee5d0b0488bff2098ca01
SHA256
00f54cf5df13e3b9549f32fd39f986fc083559558d552cc0708e7a48e5f5bafe
SHA512
c9c060c6655b58166d37a686a8e740c3ba7f151ea7e876acff0f2483161e8e1ce73d58234e78d4b0fc645ec806bd4da2245c5641afa9acc465fb71b0d0e08c63
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.17149.10211.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.17149.10211.xls
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://facextrade.com.br/wp-includes/certificates/4.txt
Targets
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request