General
Target
2022-11-12-663e1bfcc66afb5a44b67a298869b521_unzipped.bin
Size
96KB
Sample
230302-qp6vsscg2s
MD5
663e1bfcc66afb5a44b67a298869b521
SHA1
f40f0294d9a6e7ff1b3b1133d56169f0a3ff57a5
SHA256
19fca99f14a377f8bf184747082475c652b176e1d0546130eb4a48f928b8565c
SHA512
90c66070eb50e63745efaa3b31e688444ee9619ac6e0f27c1c65679a26be7e2c79b7d0da81a31598948973057744fde2507c0ec25a8d1b448405a97bb0d9af17
SSDEEP
3072:CKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgyOmH4wbH5t:CKpb8rGYrMPe3q7Q0XV5xtuEsi8/dgyZ
Behavioral task
behavioral1
Sample
2022-11-12-663e1bfcc66afb5a44b67a298869b521_unzipped.xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
2022-11-12-663e1bfcc66afb5a44b67a298869b521_unzipped.xls
Resource
win10v2004-20230220-en
Malware Config
Extracted
https://web.ferno.sk/wp-content/pWLdtgNRJjGIs4V/
http://www.etelefon.ro/docs/csv_import/Njpcdo0xA8qV5Qik/
http://weathermaps.ir/maps/A8srcXuPMyk6EAbW3/
http://dominionai.org/TI55pT5PYd/VPHWTnzQe/
Targets
Target
2022-11-12-663e1bfcc66afb5a44b67a298869b521_unzipped.bin
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.