General
Target: 5bc857f379c8becdc41ed5194d9df14ee19333701af184a10220c54089d5bb9e
Size: 36KB
Sample: 221130-s7v75afh81
MD5: fc7054e99b2e525d8119eddb3bdd5232
SHA1: 9d137d8f0161d4da9ed94d114e8f14bad0ddf277
SHA256: 5bc857f379c8becdc41ed5194d9df14ee19333701af184a10220c54089d5bb9e
SHA512: c561fa031474e1327378928fd76a71e888af5f92d61e206c3e4cedea852d729d9213a1e1a2ddba9a74659a615368817c21f50c0debe9196c45d2cf63f1c201a7
SSDEEP: 768:IPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJcahXuL+DSX1:kok3hbdlylKsgqopeJBWhZFGkE+cL2NZ
Behavioral task: behavioral1
Sample: 5bc857f379c8becdc41ed5194d9df14ee19333701af184a10220c54089d5bb9e.xls
Resource: win7-20220901-en

Behavioral task: behavioral2
Sample: 5bc857f379c8becdc41ed5194d9df14ee19333701af184a10220c54089d5bb9e.xls
Resource: win10v2004-20220901-en
Malware Config
Extracted
https://markens.online/wp-data.php
https://statedauto.com/wp-data.php
Targets
Target: 5bc857f379c8becdc41ed5194d9df14ee19333701af184a10220c54089d5bb9e
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.