General
Target: 049f8f402af29fcb09cd552b03eb23ee678428634920a2acd7096e646054d598
Size: 53KB
Sample: 221125-1jm6lsgg73
MD5: e1c4c3d995941a2e164f01d9de516651
SHA1: 61d0086d0407ca77f3f7bb40c6c97cf192171412
SHA256: 049f8f402af29fcb09cd552b03eb23ee678428634920a2acd7096e646054d598
SHA512: f4dac25644f0f1db1e236719809f1ebb72ad9b4bc17064a6f25aa6855c5fdbbfa9ede6f686175cc8506e48080f4ff5484437fb32e5f059f28483bf15a384d15b
SSDEEP: 384:uaTW05U6z7a3ckIEuUOFB53oIw8QTisMjPHWba/Jf5U3ySBadi+AHtnaCIBrGZ0L:Zi+Z0mHW2laH+aaZBmEx7vd
Behavioral task: behavioral1
Sample: 049f8f402af29fcb09cd552b03eb23ee678428634920a2acd7096e646054d598.doc
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 049f8f402af29fcb09cd552b03eb23ee678428634920a2acd7096e646054d598.doc
Resource: win10v2004-20221111-en
Malware Config
Extracted
http://136.243.237.222:8080/hhacz45a/mnnmz.php
Targets
Target: 049f8f402af29fcb09cd552b03eb23ee678428634920a2acd7096e646054d598
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request