General
-
Target
2023-03-10-04c8640612e13344dffb70fccddb8ac9_unzipped.bin
-
Size
60KB
-
Sample
230311-slyq5abh51
-
MD5
04c8640612e13344dffb70fccddb8ac9
-
SHA1
282981b58026f705047e8c8f007f03dbd9839e1d
-
SHA256
324ac77fc10576ee2f4d22d75cfef4b40062e69dae7a0095ff66d47c7df9729b
-
SHA512
85094b29a5d473e4a34574af7a12366e977a0ef36246b8d6fef63b35f5b818c3e3a4801130c63e862b571569344f7c672870b222d414c354b712b6e420a64fa1
-
SSDEEP
1536:tpKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgaDOJiA6Cv/UGLI36yOAZE8q:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgx
Behavioral task
behavioral1
Sample
2023-03-10-04c8640612e13344dffb70fccddb8ac9_unzipped.xls
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
2023-03-10-04c8640612e13344dffb70fccddb8ac9_unzipped.xls
Resource
win10v2004-20230220-en
Malware Config
Extracted
http://nazreghadir.ir/wp-includes/kaiSEoHGa/
https://mass-gardinen-shop.de/css/AHE8baLiW/
http://kbmpti.filkom.ub.ac.id/config/LdgfVAaCy/
http://www.hangaryapi.com.tr/wp-admin/E1gb6ognvvn8HX/
Targets
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.