General
-
Target
Fattura2889523.one
-
Size
262KB
-
Sample
230323-gxhy9sfh6t
-
MD5
c6c2985c6ccff177ba290fff9b71603d
-
SHA1
cd2d799901468397d2115d767b858552310a41b6
-
SHA256
bc3a2524ef2abc9cf4411ed52a7b7b4d26a7a002fbab5237c5ce40f7e3b84558
-
SHA512
02d1998490e50b94fe3634abb5f0b77cb285ee32319b13a6a6f83641df87b0cbc059730b5dfd1972d89b315bef47378fe3b1135f9b2a17cc7c6b7e10105eae1b
-
SSDEEP
3072:kNjcvQx377FjDDRX4UzUfxJ3mY2IsGllOb3HPWaBtOzUfxJ3mY2IsGllOb3HPWa3:kmvQp1DRXKXm5ZGa3vRXm5ZGa3vuVs
Static task
static1
Behavioral task
behavioral1
Sample
Fattura2889523.one
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Fattura2889523.one
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
Fattura2889523.one
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-