General
Target: SecuriteInfo.com.Exploit.Siggen3.17149.32268.8882
Size: 38KB
Sample: 220816-jlfe4shac2
MD5: de2c9786c5c38ea021531158217e9737
SHA1: 5377de8a45c1b00529a68263ca30d13bbd649071
SHA256: c266edfc6f88ae947285fae438eae0e46b8bf059badf283db6d34d93c63df803
SHA512: 8cca5125a1bfd98878cbf037c7440b3c84f5add9b9104d115ca98edad52f90e447a08451616ed7f1a4fb07d41fd4fe284d9d80f590cbeda6ba162d28b56bd7e7
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Exploit.Siggen3.17149.32268.xls
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Exploit.Siggen3.17149.32268.xls
Resource: win10v2004-20220812-en
Malware Config
Extracted: http://facextrade.com.br/wp-includes/certificates/4.txt
Targets
Target: SecuriteInfo.com.Exploit.Siggen3.17149.32268.8882
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request