General
Target
519e42f855be287c5e3a84e07db8a58d86398462abe07817337204cddbabd8b4
Size
221KB
Sample
221125-kedhlsdg45
MD5
4f165ae148b9283e91bcf3d3a9bf0a44
SHA1
5cc54269d6e819ee7b02f1e7a95bd30891ca9359
SHA256
519e42f855be287c5e3a84e07db8a58d86398462abe07817337204cddbabd8b4
SHA512
210571b7dbaf43057c67e920cafffb89de11fa3c23ad87bd8fb964faf1f69477f977688ab96b6a39b27ccfceca40e6f6f30fd76c535a9b9f348103df0dfc4334
SSDEEP
6144:kpFpzXNgICyVzU8Ib3GX2BunTUrQK17EA+9:AF8Ib9FIb2X2BKwz5+9
Behavioral task
behavioral1
Sample
519e42f855be287c5e3a84e07db8a58d86398462abe07817337204cddbabd8b4.doc
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
519e42f855be287c5e3a84e07db8a58d86398462abe07817337204cddbabd8b4.doc
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://bayboratek.com/28032019yedek/fd_2/
http://client.ideatech.pk/wp-content/3_d/
http://fabric-ville.net/2017/y_J/
http://hadiyaacoub.com/wp-content/uploads/2019/Mj_W/
http://himatika.mipa.uns.ac.id/wp-content/By_2/
Targets
Target
519e42f855be287c5e3a84e07db8a58d86398462abe07817337204cddbabd8b4
Score 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory