General
Target: 0616f04ec50d2745f50b40b3ff6c7bf99924f8dea084569afa6fb3b971114b41
Size: 61KB
Sample: 221125-1jppfabh2z
MD5: 97f6d88dcfe5fdcbf6cde2a588ad48bc
SHA1: e17474fe19a3a6b5364d8502b9b436ac703e16c4
SHA256: 0616f04ec50d2745f50b40b3ff6c7bf99924f8dea084569afa6fb3b971114b41
SHA512: c8fdab0cec9071f184e724eb98b8e4d614d3b67a1232ec71724f461e0d8bab22d6d3393cbb12870d79dce42c3c6ad945f1f1015dc6c9e1d7c7499c514eaadbe8
SSDEEP: 768:S++if7UQ9k8Wyvtr3OL8rKMpI+Ujsene8WXZkryaiYnTo9ED:2pQDWkR3OLbH7ymnC
Behavioral task: behavioral1
Sample: 0616f04ec50d2745f50b40b3ff6c7bf99924f8dea084569afa6fb3b971114b41.doc
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: 0616f04ec50d2745f50b40b3ff6c7bf99924f8dea084569afa6fb3b971114b41.doc
Resource: win10v2004-20220901-en

Malware Config
Extracted: http://91.220.131.29/upd/install.exe
Targets
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

Checks computer location settings
Looks up country code configured in the registry, likely geofence.