General
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.12175.13760
-
Size
33KB
-
Sample
220816-jlfe4shab7
-
MD5
7ca761f85ea35147e76d32bcc9640c84
-
SHA1
0457ca3fe9994baeebb9aadd052b7fd322f4a05a
-
SHA256
76eb0b03bf4f4e169846f14a82b3ff02e55bfdea97a946c166d032c0034a8317
-
SHA512
0ed0970a94da2c35db4ce5778a6966285580518f034b4e84b009a6836ca19e65caadc6b950ef26508dc9b6415b59e26cef988979fa929ee24f3477f71f598e6a
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.12175.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.12175.xls
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.12175.13760
-
Size
33KB
-
MD5
7ca761f85ea35147e76d32bcc9640c84
-
SHA1
0457ca3fe9994baeebb9aadd052b7fd322f4a05a
-
SHA256
76eb0b03bf4f4e169846f14a82b3ff02e55bfdea97a946c166d032c0034a8317
-
SHA512
0ed0970a94da2c35db4ce5778a6966285580518f034b4e84b009a6836ca19e65caadc6b950ef26508dc9b6415b59e26cef988979fa929ee24f3477f71f598e6a
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-