General
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.14069.3456
-
Size
33KB
-
Sample
220816-jlyxfshac7
-
MD5
0d47fb6353552f03eab59539cf37ffe5
-
SHA1
cfaeceadaa104ab5b0dce0d28ece39e3b5faa7cf
-
SHA256
12ee955f5fda37ca1401c538c987d516f768fdc4267317bf112b6f824d6bd69c
-
SHA512
006248a744c342e2d8c6e963a89a04952bbe9e82ad76968c1000a69c5ebb0e61db64a0e62861a50aa56d1285449ca3a120742c431796a061971d5e76a9b5357b
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.14069.xls
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.Siggen3.17232.14069.xls
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Exploit.Siggen3.17232.14069.3456
-
Size
33KB
-
MD5
0d47fb6353552f03eab59539cf37ffe5
-
SHA1
cfaeceadaa104ab5b0dce0d28ece39e3b5faa7cf
-
SHA256
12ee955f5fda37ca1401c538c987d516f768fdc4267317bf112b6f824d6bd69c
-
SHA512
006248a744c342e2d8c6e963a89a04952bbe9e82ad76968c1000a69c5ebb0e61db64a0e62861a50aa56d1285449ca3a120742c431796a061971d5e76a9b5357b
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-