General
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.15725.4211
-
Size
33KB
-
Sample
220816-jlyxfsebhm
-
MD5
40d7c7dfe04afec62912d621675ea1c3
-
SHA1
3e2bed02260873ebaac655fac95254793783a39e
-
SHA256
6499e81154bb08f3687529904a6e749a51c6817f06b7d8aec130bed97e60ab6d
-
SHA512
b032da98c72117d40091342e19561740f56aac62638c5e423c6c3aa37144fc2208feb1579ae783a5da4d6557f1a243727febbacb1e28be71a5bcf046082b36d8
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.15725.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.15725.xls
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.15725.4211
-
Size
33KB
-
MD5
40d7c7dfe04afec62912d621675ea1c3
-
SHA1
3e2bed02260873ebaac655fac95254793783a39e
-
SHA256
6499e81154bb08f3687529904a6e749a51c6817f06b7d8aec130bed97e60ab6d
-
SHA512
b032da98c72117d40091342e19561740f56aac62638c5e423c6c3aa37144fc2208feb1579ae783a5da4d6557f1a243727febbacb1e28be71a5bcf046082b36d8
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-