General
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.7754.8787
-
Size
33KB
-
Sample
220816-jly78ahad5
-
MD5
fba667decfca0daf6f92277fec2d16cf
-
SHA1
e78d07658f5a3461d43f4a84747455ef025eab09
-
SHA256
3ae788e07d265a5c6d9d79c13aea5769812c205d22a89b338ab8764cd9b364f1
-
SHA512
04e59d93c8fdda2461a4d353f2cf7de4e526a54d441bfb32ffd883bdbb3db6e2d5081be31d6da61fe06b24690515278766d852fff9db5c764099032abbafe048
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.7754.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.7754.xls
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.7754.8787
-
Size
33KB
-
MD5
fba667decfca0daf6f92277fec2d16cf
-
SHA1
e78d07658f5a3461d43f4a84747455ef025eab09
-
SHA256
3ae788e07d265a5c6d9d79c13aea5769812c205d22a89b338ab8764cd9b364f1
-
SHA512
04e59d93c8fdda2461a4d353f2cf7de4e526a54d441bfb32ffd883bdbb3db6e2d5081be31d6da61fe06b24690515278766d852fff9db5c764099032abbafe048
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-