General
Target
4ed3b936d9b0ffb44be013208f756abbca27cca3ee96b46494369f2e82aa430d
Size
159KB
Sample
221125-k684lafe33
MD5
2abc2a9e9fe7323678681a2e7eeaea56
SHA1
5ece19aaa636c94321694d9eaa4ba936bba54760
SHA256
4ed3b936d9b0ffb44be013208f756abbca27cca3ee96b46494369f2e82aa430d
SHA512
bbf3e6fe257bc98ca34efe9d02bdd093ec4032bb0d11acb7e0426bc98c703a030f1b3886a2fd977a92c64a1ba29e6e7bf088e94e485fbb7fa83ccbedab087b29
SSDEEP
1536:kcLzncLzMrdi1Ir77zOH98Wj2gpngx+a9TLln2/5k+:9rfrzOH98ipg3L05k+
Behavioral task
behavioral1
Sample
4ed3b936d9b0ffb44be013208f756abbca27cca3ee96b46494369f2e82aa430d.doc
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4ed3b936d9b0ffb44be013208f756abbca27cca3ee96b46494369f2e82aa430d.doc
Resource
win10v2004-20220812-en
Malware Config
Extracted
Targets
Score 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory