General
Target: 603f6b609a396a112d5a90a916b640495b26049afbfdc295bee92d5a31f4376c
Size: 145KB
Sample: 221125-ltlcfacd7x
MD5: 2d09a7533f009b0f6cd0b9f237041761
SHA1: d4438568059da8dac7c76871f575867776674a96
SHA256: 603f6b609a396a112d5a90a916b640495b26049afbfdc295bee92d5a31f4376c
SHA512: bd6322e3baeb29ee7a86ce281f02659cc97cb188cdd70e2927c2260b74f8398b4d7e17caf5e99b2fcd3a333be89fc4de2ae50ff4186ee5a21f8cbd4b495ae767
SSDEEP: 1536:N81ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvadf+a96nDfPsPwSvURabL:N8GhDS0o9zTGOZD6EbzCdgDfPsIaH
Behavioral task: behavioral1
Sample: 603f6b609a396a112d5a90a916b640495b26049afbfdc295bee92d5a31f4376c.doc
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 603f6b609a396a112d5a90a916b640495b26049afbfdc295bee92d5a31f4376c.doc
Resource: win10v2004-20220812-en
Malware Config
Extracted
http://aspiringfilms.com/lJc7Qpx
http://kelvinnikkel.com/HgR
http://dayofdisconnect.com/O5Le4
http://joynt.net/PVP9Pn
http://craftww.pl//I1Db12jC
Targets
Target: 603f6b609a396a112d5a90a916b640495b26049afbfdc295bee92d5a31f4376c
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
An obfuscated cmd.exe command-line is typically used to evade detection.