General
-
Target
a2f07c6892b95212c64a850f56a43b73fc5dc34b9efb2fcf14598442196cf29b
-
Size
24KB
-
Sample
221128-d6agpsca39
-
MD5
41e4704e3df740dd52892e2a8050a184
-
SHA1
d28771e1d01e02639ef5265ed774824bdbcd8b74
-
SHA256
a2f07c6892b95212c64a850f56a43b73fc5dc34b9efb2fcf14598442196cf29b
-
SHA512
0e70b94526d48235d06c9a87e9a19f6f69af1f9bbf4e3787281676320b119061590dbebf75be40a0e252f4432a3b164db24a2f2a416e6a15cd2763eeab1297b2
-
SSDEEP
384:0Cdfgra/RjfuFsp9ZpaAvmODnLy3PuBHmbPFdGDCnZ21OP:mra/ci7ZpxmwLQuBMPvGDzO
Behavioral task
behavioral1
Sample
a2f07c6892b95212c64a850f56a43b73fc5dc34b9efb2fcf14598442196cf29b.docm
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
a2f07c6892b95212c64a850f56a43b73fc5dc34b9efb2fcf14598442196cf29b.docm
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://danidata.dk/js/bin.exe
Targets
Target
a2f07c6892b95212c64a850f56a43b73fc5dc34b9efb2fcf14598442196cf29b
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-