General
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.10970.15345
-
Size
33KB
-
Sample
220816-jly78ahad3
-
MD5
e3ef4e5798aefd57925a449e0efda671
-
SHA1
d3306b452daa516222c83ab4d50a31098e186ef2
-
SHA256
c2283d9d0917f36abb730abb706f9e8d2b622034d8936e1577ac0f30995a40d0
-
SHA512
3d03df6a81a948adcf284a776e52d93c04d6695f4be9f664b1a57f94fce5f86c205ded031c550be07fc60547d0275cc80c81cd0f13759fbc2e47e87808ca0848
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.10970.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.10970.xls
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.10970.15345
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-