General
-
Target
670011a08ddcde9d1892593a968f87e9e8800248f6bb9b8967b05ec4c34b64d0
-
Size
21KB
-
Sample
221128-d6jelsca48
-
MD5
720f6555332b5fee6755debc506c6dd5
-
SHA1
4a2d406e5aff77159ee39067383302420231b045
-
SHA256
670011a08ddcde9d1892593a968f87e9e8800248f6bb9b8967b05ec4c34b64d0
-
SHA512
295238351c882e129ceaac7d8d248a40d24b2d085cc78817d3334f03b3bfc24fc2123bddfd393500ece4600ede743eb3b31f5d789a5153e577668658e8abfacc
-
SSDEEP
384:/imtZAqRZiSte7ZwedKS6w19Q/CEmkfsJyJ7sSMk+dRYHWfVMzPYkEx:/LZAqRZ7t2Zweww19Q6nSMk+Y2fVGP0
Behavioral task
behavioral1
Sample
670011a08ddcde9d1892593a968f87e9e8800248f6bb9b8967b05ec4c34b64d0.docm
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
670011a08ddcde9d1892593a968f87e9e8800248f6bb9b8967b05ec4c34b64d0.docm
Resource
win10v2004-20221111-en
Malware Config
Extracted
http://belombre.com/js/bin.exe
Targets
-
-
Target
670011a08ddcde9d1892593a968f87e9e8800248f6bb9b8967b05ec4c34b64d0
-
Size
21KB
-
MD5
720f6555332b5fee6755debc506c6dd5
-
SHA1
4a2d406e5aff77159ee39067383302420231b045
-
SHA256
670011a08ddcde9d1892593a968f87e9e8800248f6bb9b8967b05ec4c34b64d0
-
SHA512
295238351c882e129ceaac7d8d248a40d24b2d085cc78817d3334f03b3bfc24fc2123bddfd393500ece4600ede743eb3b31f5d789a5153e577668658e8abfacc
-
SSDEEP
384:/imtZAqRZiSte7ZwedKS6w19Q/CEmkfsJyJ7sSMk+dRYHWfVMzPYkEx:/LZAqRZ7t2Zweww19Q6nSMk+Y2fVGP0
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-