General
Target
60ad4099e56ed5a8fddb63395b0e0032726b5aaf47a71d590dddf147b433a976
Size
41KB
Sample
221125-1jmj3sgg72
MD5
ac5e2c5bf3ba98b1d0fab9b762dc18b5
SHA1
d4b5de6534f3bc78d69c551394cf93d2ae99c8f4
SHA256
60ad4099e56ed5a8fddb63395b0e0032726b5aaf47a71d590dddf147b433a976
SHA512
018c0eaada7b987ca3c5f0afbf8e2ba54ebc28c0e71da6ebb36e7c7272b1d5d1380b0b77d2868ef7ba66aeb24a25dc6865614cbad3accedd39abf16bdcb4a51e
SSDEEP
384:uvc2AjFPbVOJ3J9isMjWCGSWba/JVZ0jLYAxmtV:8OTu3XaXW2dEYAO
Behavioral task
behavioral1
Sample
60ad4099e56ed5a8fddb63395b0e0032726b5aaf47a71d590dddf147b433a976.doc
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
60ad4099e56ed5a8fddb63395b0e0032726b5aaf47a71d590dddf147b433a976.doc
Resource
win10v2004-20221111-en
Malware Config
Extracted
http://185.48.56.62:8080/hhacz45a/mnnmz.php
Targets
Target
60ad4099e56ed5a8fddb63395b0e0032726b5aaf47a71d590dddf147b433a976
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request