General
-
Target
057db45aaa3fd99de682fdc33f822b3427f660ead86fd881b9bf9116e9099f1d
-
Size
78KB
-
Sample
221128-vab44adg9x
-
MD5
92e9260b8c1cac388548da5da984396d
-
SHA1
f1331da950ed94be8255bd9d4b02d32752f4b77e
-
SHA256
057db45aaa3fd99de682fdc33f822b3427f660ead86fd881b9bf9116e9099f1d
-
SHA512
83ea07d2ec325a97dcc57736c3f1445287b7a2ace30f5950f8d797c88ccdcbb66ce6efe8f6a0f6b7a1f0922379f46aa703a507a9c22288c1ea4ce51b4a7cde07
-
SSDEEP
768:DVv7U98J7gcICbc/SvluPoaty2T9QteV3tv8qAd9n+SfhboKLkF:i9IGCbtNe33e+SfhLC
Behavioral task
behavioral1
Sample
057db45aaa3fd99de682fdc33f822b3427f660ead86fd881b9bf9116e9099f1d.doc
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
057db45aaa3fd99de682fdc33f822b3427f660ead86fd881b9bf9116e9099f1d.doc
Resource
win10v2004-20220812-en
Malware Config
Extracted
http://savepic.su/5264550.png
http://146.185.213.102/us/file.pif
Targets
-
-
Target
057db45aaa3fd99de682fdc33f822b3427f660ead86fd881b9bf9116e9099f1d
Score: 10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-