General
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.18991.826
-
Size
33KB
-
Sample
220816-jldlhshab5
-
MD5
6dabe76f9fa957dfcb2d947ad28178f4
-
SHA1
0c1b88561dd995109283fd14233e2c01ddb2800d
-
SHA256
946f97092e475631921bb51d3f7c964ceab14537246ad5b91f4b4d8d6fee8410
-
SHA512
263c9897174c1eb154e0ac49438f50a81bbb66186777f7a7c3711d93942fb80cd3b51bbef489ba56b74b090d475c98b79e02ba3b7925102be3810acb207e7685
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.18991.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.18991.xls
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.18991.826
-
Size
33KB
-
MD5
6dabe76f9fa957dfcb2d947ad28178f4
-
SHA1
0c1b88561dd995109283fd14233e2c01ddb2800d
-
SHA256
946f97092e475631921bb51d3f7c964ceab14537246ad5b91f4b4d8d6fee8410
-
SHA512
263c9897174c1eb154e0ac49438f50a81bbb66186777f7a7c3711d93942fb80cd3b51bbef489ba56b74b090d475c98b79e02ba3b7925102be3810acb207e7685
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-