General
-
Target
SecuriteInfo.com.Exploit.Siggen3.17149.4633.3661
-
Size
38KB
-
Sample
220816-jlyxfsebhn
-
MD5
33a12b2b07ecd6d349f4d149aae3103a
-
SHA1
1701f6a80e859aaed17ecd99dac0bda7d7e66fcb
-
SHA256
ea6e71f6371f871da6829a35496a63bf02f162a38ee6e89e16b33b7b76e874a5
-
SHA512
ce7a4683c28ae562e32ee3130d6a9bc01889ca52609c462e232eae9c960aacd90780e579b2cbb65a0b0e482e42f75018b0754f1e8a1c9ee96fae97777fa38150
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.17149.4633.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.17149.4633.xls
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://facextrade.com.br/wp-includes/certificates/4.txt
Targets
-
-
Target
SecuriteInfo.com.Exploit.Siggen3.17149.4633.3661
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-