General
Target: SecuriteInfo.com.Exploit.Siggen3.17149.21631.2242
Size: 38KB
Sample: 220816-jly78ahad2
MD5: 973d256bd86052c4b67af3d5c9e80fb2
SHA1: fc5ec8fe64d666294a8cd533cbe0caac3cd7fa56
SHA256: c70a0b74802c56a2c8d87c6d66b6e4cf52e0905b23ae685cf372a8712bfcddb9
SHA512: 53a229c1f48f876f379c7d24fbc3f458113c09a840c2e5d2128d5cd317bdd4cd73bfc9c035cdefdcb709b4960e16575728f2da9a9d05867a3805f9eec7c90d90
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Exploit.Siggen3.17149.21631.xls
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Exploit.Siggen3.17149.21631.xls
Resource: win10v2004-20220812-en
Malware Config
Extracted
http://facextrade.com.br/wp-includes/certificates/4.txt
Targets
Target: SecuriteInfo.com.Exploit.Siggen3.17149.21631.2242
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request