General
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.10473.320
-
Size
33KB
-
Sample
220816-jly78ahad6
-
MD5
8f22920da513765b73a754e1901bf801
-
SHA1
67259176ccae7489e8c2451651cb0fa1ec7dd637
-
SHA256
1d0ac09d9a53155d463c696e606ebf027274e7699c206959d171119ea3042765
-
SHA512
5247cc3b348956078c0d03bc495501f8ca0874f3f946e5bf28af7defb614bb57e617fa77ae6d1ba03a5be1fb73c8e060adb8e30f6214740b74c6ded76495d354
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.10473.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.10473.xls
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.10473.320
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-