General
-
Target
392cf532a59be6666f115ba88be6f0d8b06d693efa9df7c7a7a064a91036e728.zip
-
Size
47KB
-
Sample
230319-l37a9saa31
-
MD5
bf7146e7658d3cc55ae5e83b3aa06f60
-
SHA1
2f55350816f4946d7dff8e1cc84cfb2354bd6283
-
SHA256
71bd333ec746fde9a59e2c6b08220f06eb2dbe386a47aedc183e84b0787ad5d2
-
SHA512
688ef373ad8ee5d38d40505f8a8c8a10574f0aa102e0266bab669f81b6a517d0bf63aa58bdbd8dac66334e95c545a9ded1ca90f9cae84f6e8545f141b1840821
-
SSDEEP
768:YbxviYjBYTLqpRsb11MJX7MqvTro8Kj+8L3MWR+pv30/zLE+c2rnNG7E:gx6wBYqc5ioq3XKj+GMWwB30/cUNGA
Behavioral task
behavioral1
Sample
392cf532a59be6666f115ba88be6f0d8b06d693efa9df7c7a7a064a91036e728.doc
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
392cf532a59be6666f115ba88be6f0d8b06d693efa9df7c7a7a064a91036e728.doc
Resource
win10v2004-20230220-en
Malware Config
Extracted
http://liarla.com/RqAjQLJlx
http://espasat.com/1YbH45y
http://latuconference.com/wp-content/uploads/vvl9XHG
http://dirtyactionsports.com/vVgr4dva
http://demign.com/PGT53cb
Targets
-
Target
392cf532a59be6666f115ba88be6f0d8b06d693efa9df7c7a7a064a91036e728
-
Size
91KB
-
MD5
72a9e07df484abded0ea6d59ff4ab59d
-
SHA1
579c684ddef4753db317daf110040cdbeacefa29
-
SHA256
392cf532a59be6666f115ba88be6f0d8b06d693efa9df7c7a7a064a91036e728
-
SHA512
2617f5c93137c7879a1e7a48333fe38a0a30e8e6cd90d341874a006e02b98c26e93efe7286441deedb5736484bbe9ae4c79666b2c13d47a536e80bfe98b59f5e
-
SSDEEP
1536:Docn1kp59gxBK85fBARjCTM4Yv54+a9kX:c41k/W48mjCgdRb
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-