General
-
Target
SecuriteInfo.com.Exploit.Siggen3.17149.8245.21810
-
Size
38KB
-
Sample
220816-jlyxfshac4
-
MD5
50860325a0e4f6f204c76dd262b7df6b
-
SHA1
f096b272f012f300ebbd2536e45d97cf02852c36
-
SHA256
6327c67ee4ae318f558e379fbfa071749113398782101c9f3beeb7310e81e725
-
SHA512
637209224af7309a0acbbb1d51f9cf35782caf41de3924a86e6263c8136b8e074b66288af511d6a638d713d82a57fdd16ddf96b518c33589f4730ea8f8453b03
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.17149.8245.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.17149.8245.xls
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://facextrade.com.br/wp-includes/certificates/4.txt
Targets
-
Target
SecuriteInfo.com.Exploit.Siggen3.17149.8245.21810
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-