General
Target: SecuriteInfo.com.Exploit.Siggen3.17149.6905.7305
Size: 38KB
Sample: 220816-jlfe4sebhj
MD5: 3bc62bd8b910eb17b12a3b69fc050571
SHA1: e4b91c0b407197bbfc6cbd1b6436a69277620db5
SHA256: 8e2a3f67543b17ea35bc2c3bbcdbb9100fda5cb2fb90e911bef2943f76dc2bef
SHA512: c28f6f593ac227dbcc9eab3ae7a52050bbd1475dfc6717fc9a78cb0f0e4162b49e4affd205e3b081e6d980c35e4e833ed9f639116eded39136744ade94b57c45
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Exploit.Siggen3.17149.6905.xls
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Exploit.Siggen3.17149.6905.xls
Resource: win10v2004-20220812-en
Malware Config
Extracted
http://facextrade.com.br/wp-includes/certificates/4.txt
Targets
Target
SecuriteInfo.com.Exploit.Siggen3.17149.6905.7305
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request