General
Target
SecuriteInfo.com.Exploit.Siggen3.17149.12724.3071
Size
38KB
Sample
220816-jlgyyahac3
MD5
7ad12537579ad48c286ccffbd98288f7
SHA1
7187d653f96f28659ea269a394109819ad712ee5
SHA256
324baa01c3619333075deb6dd0b3f6c1c9d6bc13d9b1a736db5465f53ab94226
SHA512
06e5ddab59b3af1fa4b38d079d8217da8fd16af5ce4280a7b7f2ce1595b32960a9f5bba1cf65bd7ddf2828d0615a2ff49c45f8fbac8d9730ea2ca542b55eb4a1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.17149.12724.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.17149.12724.xls
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://facextrade.com.br/wp-includes/certificates/4.txt
Targets
Target
SecuriteInfo.com.Exploit.Siggen3.17149.12724.3071
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request